InfoSecWarrior CTF: 1 Walkthrough

Here’s a new walkthrough of InfoSecWarrior CTF: 1, a Vulnhub machine. InfoSecWarrior CTF 2020: 01 is the first challenge of Infosec Warrior CTF 2020. This challenge was created by CyberKnight00 and MAALP1225. You can download this CTF here. It states the level is Easy, and that is true. Either way, you explore a little if this is unfamiliar, and that’s how you learn. This box is designed for beginners and wannabe hackers to sharpen their pentesting skills. So, here we go.


Penetration Testing Methodologies

Network Scan

  • Netdiscover
  • Nmap enumeration

Enumeration

  • Nikto
  • Password guessing
  • Web enumeration

Privilege Escalation

  • Capture the flag
  • Password
  • sudo -l

Network Scanning

Without wasting much time, I start by obtaining the IP address of the box. I used netdiscover and got the IP 192.168.2.13.

Let’s proceed with the network scan using an Nmap aggressive scan as shown below.

Enumeration

The first thing we notice is that port 80 is open, and we see the Apache test page on the web.


On further enumeration, I came across a /note.txt as shown below, and there was nothing important to see there.


There is an indexed /sitemap.xml, which leads to a new page, /index.htnl.


The page consists of a GIF, so I viewed the page source.


So I changed the hidden part of the code and ran an “id” command through /cmd.php.


It worked, but not as I expected. It gave an error and a clue to use another HTTP method. So I changed the form's method from GET to POST.


Yes, I found you. Now I tried opening /etc/passwd/.
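For whoever maintains a site like this one, a form that sits in the page source but is never rendered can be caught in review. The following is an added example, not part of the original walkthrough: it lists forms hidden through the `hidden` attribute or inline CSS, on the element itself or on an ancestor. The sample markup, the paths other than /cmd.php, and the field names are constructed assumptions.

```python
from html.parser import HTMLParser

# Constructed sample page (not the CTF's real markup): one visible form, two hidden.
SAMPLE_HTML = """<html><body><img src="meme.gif">
<form action="/search.php" method="GET"><input type="text" name="q"></form>
<form action="/cmd.php" method="GET" hidden="True">
  <input type="text" name="command"><input type="submit" value="Run"></form>
<div style="display: none"><form action="/debug.php" method="POST">
  <input type="text" name="x"></form></div></body></html>"""

VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input",
        "link", "meta", "source", "track", "wbr"}  # elements with no end tag

def is_hidden(attrs):
    style = (attrs.get("style") or "").replace(" ", "").lower()
    return "hidden" in attrs or "display:none" in style or "visibility:hidden" in style

class HiddenFormAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.stack = []      # (tag, hidden?) for each open non-void element
        self.current = None  # form being read, if any
        self.findings = []   # hidden forms found so far

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        hidden = is_hidden(a) or any(h for _, h in self.stack)  # own or inherited
        if tag == "form":
            self.current = {"action": a.get("action") or "", "hidden": hidden,
                            "method": (a.get("method") or "GET").upper(), "fields": []}
        elif tag in ("input", "textarea", "select") and self.current and a.get("name"):
            self.current["fields"].append(a["name"])
        if tag not in VOID:
            self.stack.append((tag, hidden))

    def handle_endtag(self, tag):
        if tag == "form" and self.current:
            if self.current["hidden"]:
                self.findings.append(self.current)
            self.current = None
        opened = [i for i, (t, _) in enumerate(self.stack) if t == tag]
        if opened:  # ignore stray end tags
            del self.stack[opened[-1]:]

def audit(html):
    parser = HiddenFormAuditor()
    parser.feed(html)
    parser.close()
    return parser.findings
```

Calling `audit()` on each page served from the web root returns one dictionary per hidden form, with its action, method and field names. Note that an `<input type="hidden">` inside a visible form is not reported, since only the form's own visibility is checked.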


On more enumeration, I opened /cmd.php and found the password of the user isw0:123456789blabla

Got the user flag; going for the root flag.

Eureka !!!!!! GOT THE FLAG