Synced (Tier 0)

Description

  • Tier -> 0

  • Difficulty -> Very Easy

  • OS -> Linux

  • Tags -> Rsync / Protocols / Reconnaissance / Anonymous/Guest Access

Write-up

  • With a little research, I started answering the first question

Answer: 873


  • Then I continued doing an initial port scan of the machine using Nmap


  • With this, I answered the next question

Answer: 1


  • Then I did an exhaustive scan of the ports we found to get information about the running service


  • With this and a little research, I answered some questions

Answer: 31


Answer: rsync


Answer: None


Answer: list-only


  • I found there was a service named rsync that, with a little research, I found was a file synchronization application. Also, I found that it was possible to interact with it using the rsync command-line utility. So I tried using it to list the files being shared under this application, specifying it was using a daemon to run this service, and I saw it was successful


  • I found a public folder, so I listed its content, where I found a flag.txt file. So I transferred it from the server to my machine and read its content, finally finding the root flag


  • With this, I got the root flag and pwned the machine

Answer: 72eaf5344ebb84908ae543a719830519
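
The anonymous module listing and download described above work because the rsync daemon applies permissive defaults to any module that does not override them. The following is an added example, not part of the original write-up: a small auditor that parses an `rsyncd.conf` and reports which modules are anonymous, listable, writable or open to any host. The sample configuration and its paths are constructed for illustration and are assumptions, and backslash line continuations are not handled.

```python
# Added example: flag rsyncd.conf modules that are reachable without credentials.
# SAMPLE_CONF is constructed for illustration; it is not the target's real config.
SAMPLE_CONF = """\
uid = nobody
hosts allow = 10.0.0.0/8

[public]
    path = /srv/public

[backups]
    path = /srv/backups
    auth users = backup
    secrets file = /etc/rsyncd.secrets
    list = no
    read only = no
"""

TRUE = {"yes", "true", "1"}

def parse_rsyncd_conf(text):
    """Return (global_params, {module: params}); whitespace in names is ignored."""
    global_params, modules, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = modules.setdefault(line[1:-1].strip(), {})
        elif "=" in line:
            key, value = line.split("=", 1)
            target = global_params if current is None else current
            target["".join(key.lower().split())] = value.strip()
    return global_params, modules

def audit(text):
    """Map each module to the exposure findings that apply to it."""
    global_params, modules = parse_rsyncd_conf(text)
    report = {}
    for name, params in modules.items():
        eff = {**global_params, **params}  # module settings override globals
        issues = []
        if not eff.get("authusers"):                        # default: no auth
            issues.append("anonymous")
        if eff.get("list", "yes").lower() in TRUE:          # default: listed
            issues.append("listable")
        if eff.get("readonly", "yes").lower() not in TRUE:  # default: read only
            issues.append("writable")
        if not eff.get("hostsallow"):                       # default: any host
            issues.append("any-host")
        report[name] = issues
    return report

if __name__ == "__main__":
    for module, issues in audit(SAMPLE_CONF).items():
        print(f"{module}: {', '.join(issues) or 'ok'}")
```

A module that reports `anonymous` together with `listable` is the situation this machine demonstrates; setting `auth users` with a `secrets file`, and `list = no` where the module name need not be advertised, closes it.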
