HackTheBox : Cap Walkthrough

First glance

Now let’s get acquainted with our site.

Step 1.

Let’s scan for open ports with Nmap

Command: nmap -A 10.10.10.245

Step 2.

Beautiful. Let’s take a look at our site now.

Let’s choose the stock with the most elements in this partition. I choose ‘data/0’. Then let’s download the file.

Step 3.

Now let’s look at the ‘.cap’ file.

Command: wireshark 0.cap

If we open the file and examine it, we see an ftp traffic

Bingo. We found the username and password.

Step 4.

As we found in Nmap, 22 ports are open. Let’s use it now.

Now let’s see what’s inside.

Command: ls

Check the contents of the file.

Command: cat user.txt

Findout the user flag and submit to htb.

I need a sudo to get the root flag. We can manage with Python. Let’s do a little research on the Internet.

To do this, let’s look at the site GTFOBins.

Let’s check

Findout the root flag and submit to htb.

Good h4cks)

--

--

--

Hello, my name is Elman. I am from Azerbaijan. I wish you a good days

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

CosmWasm 1.0 Code Audit started

Week 6 — in Retrospect

How to secure Magento 1.x running on PHP 5.6 with PHP 7.2?

The Top 5 Skills Of A Great Tech Product Manager

High Level Synthesis: Friend or Foe?

Microcontent Architectures for DITA Deployments

Anxious Dyspraxic Learns to Code — Week 2 at Makers

Day 23 — Next Greater Element

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Al1z4deh:~# echo "Welcome"

Al1z4deh:~# echo "Welcome"

Hello, my name is Elman. I am from Azerbaijan. I wish you a good days

More from Medium

TRYHACKME SOURCE WRITEUP

TryHackMe — Carnage Writeup

Basic Pentesting CTF Walkthrough

HackTheBox — Shibboleth Writeup