π»{THM} Anonymous
Last updated
Last updated
Try to get the two flags! Root the machine and prove your understanding of the fundamentals! This is a virtual machine meant for beginners. Acquiring both flags will require some basic knowledge of Linux and privilege escalation methods.
Let start with running script nmap to find any open port. Use normal command as usual.
Notice 4 open port here. But more interesting part is no web port is open and for ftp it allow anonymous login.
Let move straight to ftp port.
We got access to it. So So so dangerous. Let search directory on it. It shown that this machine have another directory scripts. Let download it to our machine.
Go check everything. Just simple notes but for log and shell, it contain some valuable. YOUKNOWHATTODO. I do check shell
This mean, it will clean up any temp file and put it in log. It same log as we check. From here, we can try put anything to test how it work. For this, I do check with putting another file to see it function. After several time, my files appear.
From this, I found that this shell run automatically, since it run automatically, I try to put my payload on it.
Waiting few second till it run,
We in just like that. Here we can see the first flag,.
Next for escalation part, since we donβt have password we cannot run sudo on this. I do check with other method.
find / -user root -perm /4000
Let escalate that env. Using env /bin/sh -p
Now we become root.