VulnHub: DeathNote: 1

Al1z4deh:~# echo "Welcome"
4 min readMay 15, 2022

Today we will take a look at Vulnhub: DeathNote. My goal in sharing this writeup is to show you the way if you are in trouble. Please try to understand each step and take notes.

  • Network scan

Command: Command: sudo nmap -p- -sV -sC -oN nmap/open — open

  • Web pages

If there is such a problem when looking at the page, do it

Command: sudo nano /etc/hosts


Let’s take notes of everything you need on the page. (name, weird sentence, everything we will use)

light yagami
Soichiro Yagami

If we press the hint button, we will come across a sentence.

L’s comment is below. let’s note

my fav line is


  • Gobuster

Find Site Directories

Command: Command: gobuster dir -u -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x .php,.html,.txt

Let’s look at the robots.txt extension

We found a new directory.

.jpg file may be damaged. Let’s download.

Command: wget http://deathnote.vuln/important.jpg

Command: cat important.jpg

Indicates that the password will be in the Indian button on the site. So the password is ‘iamjustic3’

The entry can also be ‘kira’ or ‘l’. Let’s check.

  • Wordpress

Url- http://deathnote.vuln/wordpress/wp-login.php

user: kira pass: iamjustic3

There is such a .txt file on the media page.

Url- http://deathnote.vuln/wordpress/wp-content/uploads/2021/07/notes.txt

They look like a password. Let’s mark it as pass.txt.

Let’s add them to User.txt.


Let’s attack ssh.

  • Hydra

Command: hydra -L user.txt -P pass.txt ssh:// -V -t 4

user- l pass- death4me

  • Ssh

Command: ssh l@

it was brainfuck

Let’s decode

The /opt folder also has hints that will be useful to us

Let’s decode

  • Kira

Command: su kira

Let’s decode in cyberchef again

Let’s look at the / var folder

Command: cd /var
Commdn: cat misa

it is toooo late for misa

let’s check the privileges

Command: sudo -l


This means that we have authority over everything. Let’s root

Command: sudo su

And now we are the root

“If you have any questions or comments, please do not hesitate to write. Have a good days”