In this article, we will find an answer to a Capture the Flag (CTF) challenge published on VulnHub.
As you may know from previous articles, VulnHub.com is a platform which provides vulnerable applications/machines to help people gain practical hands-on experience in the field of information security. You can check my previous articles for more CTF challenges. I have also provided a downloadable URL for this CTF below; you can download the machine here and run it on VirtualBox.
The torrent downloadable URL is also available for this VM. It’s been added in the reference section of this article.
As per the information given on VulnHub, this is a recent CTF which was posted in January 2020 by the author DCAU. As mentioned by the author, the challenge comprises of collecting one flag by getting the root. Prerequisites would be having some knowledge of Linux commands and the ability to run some basic penetration testing tools.
For those who aren’t familiar with the site, VulnHub is a well-known website for security researchers aimed at providing users the techniques they need so that they can learn and practice their hacking skills via a series of challenges in a safe and legal environment. You can download vulnerable machines from this website and try to exploit them. I recommend exploiting them to the fullest extent, as it is a good way to sharpen your skills and also learn new techniques in a safe environment.
Please note: For all of these machines, I have used Oracle Virtual Box to run the downloaded machine. I am using Kali Linux as an attacker machine for solving this CTF. The techniques used are solely for educational purposes, and I am not responsible if the listed techniques are used against any other targets.
The summary of (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Nikhil Kumar. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/uklZkD2fiDQ/