Run a nmap scan to find for open ports.
Scanning all the ports.
Webserver does not show anything.
Run a gobuster scan to find for other directories.
Head to the admin page. Seens like a Pi-hole interface.
Search for default credentials.
Default credentials does not work for this interface.
Let’s try logging in via SSH.
First flag is found.
Switch user to root and cat the root.txt file.
Use the df command to find for all devices on the box
Check out the usbstick folder and a clue is given.
Use the strings command to find the flag.