Node 1: CTF Walkthrough

In this article, we will learn to solve a Capture the Flag (CTF) challenge which was posted on VulnHub by Rob. According to the information given in the description by the author of the challenge, this CTF is a medium-level boot-to-root challenge in which you need to capture two flags. The first flag needs to be captured as a user and the second flag needs to be captured as a root user.

You can download the VM for Virtual Box here. The torrent downloadable URL is also available for this VM, which is given in the reference section at the end of this article. Since the size of the Virtual Machine is more than 1 GB, I would recommend using the torrent for downloading the virtual machine.

For those who are new to CTF challenges and are not aware of this platform, VulnHub is a well-known website for security researchers which provides users with a method to learn and practice their hacking skills through a series of challenges in a safe and legal environment.

Please Note: For all of these machines, I have used Oracle Virtual Box to run the downloaded machine. I will be using Kali Linux as the attacker machine for solving this CTF. The techniques used are solely for educational purposes only, and I am not responsible if the listed techniques are used against any other targets.

The Walkthrough

After downloading and running this machine in Virtual Box, we started by running the Netdiscover command to obtain the IP Address of the target machine. The command and its output can be seen in the screenshot given below:

Command Used: netdiscover

As shown in the highlighted area in the above screenshot, we have obtained the Virtual Machine IP address, 192.168.1.19 (the target machine IP address). (Read more...)