Typhoon 1.02: CTF Walkthrough

Typhoon 1.02 CTF Walktrhough Introduction

In this article, we will solve a Capture the Flag (CTF) challenge that was posted on the VulnHub website by the author PrismaCSI. As per the description given by the author, this VM contains server vulnerabilities and configuration errors, so there may be multiple ways to get the root flag. Therefore, this article will be a walkthrough of just one of the solutions for this CTF.

As you may be aware from my previous articles, VulnHub is a platform that provides vulnerable applications/machines for use to gain practical hands-on experience in the field of information security. You can check my previous articles for more CTF challenges. You can download this machine here and run it on VirtualBox. The torrent downloadable URL is also available for this VM; it’s been added in the reference section of this article.

For those who are not aware of the site, VulnHub is a well-known website for security researchers which aims to provide users with a way to learn and practice their hacking skills through a series of challenges in a safe and legal environment. You can download vulnerable machines from this website and try to exploit them. There are a lot of other challenging CTF exercises available on vulnhub.com and I highly suggest attempting them, as it is a good way to sharpen your skills and learn new techniques in a safe environment.

Please Note: For these machines, I have used Oracle Virtual Box to run the downloaded machine. I am using Kali Linux as an attacker machine for solving this CTF. The techniques used are solely for educational purposes, and I am not responsible if the listed techniques are used against any other targets.

Summary of the CTF Steps

  1. Identifying target host by using netdiscover utility
  2. (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Chris Sienko. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/EXCyDi57lNE/