HEADLESS! — Vulnerable Machine
This VM Image is beginner friendly machine. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player). There are more ways then one to successfully complete the challenges.
Download link 1:
https://www.dropbox.com/sh/t04oh0gxags8k3u/AABCTCFDQ1fQpZkPrv7K2Pffa?dl=0Download Link 2: https://drive.google.com/file/d/1Bj1Tbk1PHTFFCCFN1mMDjaJ1WprVXyyG/view?usp=sharing
Official Walk-through for the machine:
- Start enumerating machine by simple nmap scan considering all ports with -p- as a switch
nmap -p- -sCV — open -o nmap.txt $IP
2. FTP to the subsequent port found, enumerating the every directories you found and by downloading all the files at the same time we get:
3. You’ll find some images and encrypted text there..
3. Are these images are actually images???
(32 OR 64 OR ROT???) again?? (maybe?)
4. Remote login??? (Is it sec#red shell?)
5. Clearly by seeing the permissions given to .home.sh file, we can own the machine by manipulating the script as shown:
And by running the script as shown WE are ROOT!!!, the flag is waiting for you.
— — — — — — — — — — — — — — — — — — — — — — —
That’s all for now,
Until Next Time,
Feel free to ping me anytime:
