HackTheBox : Cap Walkthrough

First glance

Now let’s get acquainted with our site.

Step 1.

Let’s scan for open ports with Nmap

Command: nmap -A 10.10.10.245

Step 2.

Beautiful. Let’s take a look at our site now.

Let’s choose the stock with the most elements in this partition. I choose ‘data/0’. Then let’s download the file.

Step 3.

Now let’s look at the ‘.cap’ file.

Command: wireshark 0.cap

If we open the file and examine it, we see an ftp traffic

Bingo. We found the username and password.

Step 4.

As we found in Nmap, 22 ports are open. Let’s use it now.

Now let’s see what’s inside.

Command: ls

Check the contents of the file.

Command: cat user.txt

Findout the user flag and submit to htb.

I need a sudo to get the root flag. We can manage with Python. Let’s do a little research on the Internet.

To do this, let’s look at the site GTFOBins.

Let’s check

Findout the root flag and submit to htb.

Good h4cks)

--

--

--

Hello, my name is Elman. I am from Azerbaijan. I wish you a good days

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

LowCode, NoCode, HoneyCode. Do we still need developers?

Best practices for python projects

How to generate keystore on a windows

DIY Immunity Essential Oil Blend

How to send and email with C#

Adding a System Call Which Can Pass a Userspace String

Why we’re investing in the CloudEvents specification

DevOpsDays Zürich Recap

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Al1z4deh:~# echo "Welcome"

Al1z4deh:~# echo "Welcome"

Hello, my name is Elman. I am from Azerbaijan. I wish you a good days

More from Medium

Driver — Hackthebox Walkthrough

HackTheBox — Explore

HackTheBox — Shibboleth Writeup