In this article, we will try to solve a Capture the Flag (CTF) challenge that was posted on the VulnHub website by Akanksha Sachin Verma. As per the description given by the author, this is an easy/medium-level CTF and the target of this CTF is to get the root access of the victim machine and read the flag file. The author also hints that the key to solving this machine should be on exploiting functionalities rather than finding vulnerabilities. Prerequisites include some knowledge of Linux commands and the ability to run some basic penetration testing tools.
For those who are not aware of the site, VulnHub is a well-known website for security researchers that aim to provide users with a way to practice their hacking skills through a series of challenges in a safe and legal environment. You can download vulnerable machines from this website and try to exploit them. I highly suggest attempting them, as it is a good way to sharpen your skills and also to learn new techniques in a safe environment.
You can check my previous articles for more CTF challenges. I have also provided a downloadable URL for this CTF; you can download the machine and run it on VirtualBox. The torrent downloadable URL is also available for this VM and has been added in the reference section of this article.
Please note: For all of these machines, I have used Oracle VirtualBox to run the downloaded machine. I am using Kali Linux as an attacker machine for solving this CTF. The techniques used are solely for educational purposes, and I am not responsible if the listed techniques are used against any other targets.
The summary of the steps required in solving this CTF is given below:
- Get the Victim machine IP (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by LetsPen Test. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/a00_2UpxiZA/