Fawn (Tier 0)

Description

  • Tier -> 0

  • Difficult -> Very Easy

  • OS -> Linux

  • Tags -> FTP / Protocols / Reconnaissance / Anonymous-Guest Access

https://app.hackthebox.com/starting-point?tier=0

Write-up

  • With a little research, I started answering the first questions

Answer: File Transfer Protocol

Answer: 21

Answer: sftp

Answer: ping

  • Then I did an initial port scan using Nmap

nmap -p- -Pn --min-rate 2000 10.129.92.84

  • Then I did an exhaustive scan to get information on the services running on the found ports

nmap -p- -Pn --min-rate 2000 10.129.92.84

  • With this and a little research, I answered the next questions

Answer: vsftpd 3.0.3

Answer: Unix

Answer: ftp -h

Answer: anonymous

  • I identified a port that was running the FTP protocol, so I could try connecting through this. As I didn't have any credentials, I tried logging in as an anonymous user which wouldn't ask for a password, and with this, I successfully got in

ftp 10.129.92.94

To learn more about the FTP protocol you can go here

  • With this and a little research, I answered the next questions

Answer: 230

Answer: ls

Answer: get

  • Once inside, I listed the files being shared in the FTP server and found a flag.txt file. So I used the internal get command to download the flag.txt file from the server and then closed the connection

  • Having it locally, I checked the content of the file finally retrieving the root flag

  • With this, I got the root flag and pwned the machine

Answer: 035db21c881520061c53e0536e44f815

PreviousMeow (Tier 0)NextDancing (Tier 0)

Last updated