Cybersploit 1

Writeup for the Cybersploit 1 CTF

Downloadlink :

3 Flags in total & gain root access

Recon -> Enumerate -> Weaponize -> Exploit

  1. Locate vulnerable machine IP address by using netdiscover Ip : (^ip address will be diffrent on your machine)
  2. Scan for open ports using NMAP. nmap -sV -p- -v

-nmap results-

22/tcp open ssh OpenSSH 5.9p1 Debian 5ubuntu1.10 (Ubuntu Linux; protocol 2.0)

80/tcp open http Apache httpd 2.2.22 ((Ubuntu))

  1. use DIRB tool to explore http port. : dirb http: //

-dirb results-

—- Scanning URL: http: // —-

  • http: // (CODE:403|SIZE:290)
  • http: // (CODE:200|SIZE:3757743)
  • http: // (CODE:200|SIZE:2333)
  • http: // (CODE:200|SIZE:2333)
  • http: // (CODE:200|SIZE:79)
  • http: // (CODE:200|SIZE:79)
  • http: // (CODE:403|SIZE:295)
  1. Explore the robot.txt link and the following encrypted message will appear:


  1. use a base64 decoder and the first flag will be uncovered.

🏴‍☠️ Flag1: cybersploit{}

  1. Access the http: // link and inspect the source code. A username called itsskv will be shown.
  2. Use SSH to gain access ssh itsskv@@ ,password = cybersploit{
  3. Once gaining access to the machine , ls and cat the flag2.txt. A binary code will be shown. Use a binary decoder to get the 2nd flag.

🏴‍☠️ flag2: cybersploit{}

  1. Use the uname -a* command to find out information about the system.

Linux cybersploit-CTF 3.13.0-32-generic #57~precise1-Ubuntu SMP Tue Jul 15 03:50:54 UTC 2014 i686 i686 i386 GNU/Linux

  1. cat etc/issue to find operation system info

Ubuntu 12.04.5 LTS \n \l

  1. Search online for the Ubuntu 12.04.5 exploit

exploit db 🔗

  1. Use SCP to transfer the exploit from attacking machine to the vulnerable machine by

scp 37292.c itsskv@

  1. copy the file to the tmp folder cp 37292.c /tmp/
  2. Complile the exploit gcc 37292.c
  3. Excute the malicous code ./a.out
  4. Use the command id and whoami to check if there is root access
  5. cat /root/finalflag.txt to gain access to the final flag

🏴‍☠️ Flag3: cybersploit{Z3X21CW42C4 many many congratulations !}


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s