HackTheBox : Cap Walkthrough

First glance

Now let’s get acquainted with our site.

Step 1.

Let’s scan for open ports with Nmap

Command: nmap -A 10.10.10.245

Step 2.

Beautiful. Let’s take a look at our site now.

Let’s choose the stock with the most elements in this partition. I choose ‘data/0’. Then let’s download the file.

Step 3.

Now let’s look at the ‘.cap’ file.

Command: wireshark 0.cap

If we open the file and examine it, we see an ftp traffic

Bingo. We found the username and password.

Step 4.

As we found in Nmap, 22 ports are open. Let’s use it now.

Now let’s see what’s inside.

Command: ls

Check the contents of the file.

Command: cat user.txt

Findout the user flag and submit to htb.

I need a sudo to get the root flag. We can manage with Python. Let’s do a little research on the Internet.

To do this, let’s look at the site GTFOBins.

Let’s check

Findout the root flag and submit to htb.

Good h4cks)