HEADLESS! — Vulnerable Machine

Neelesh Patel
2 min readDec 13, 2021

--

This VM Image is beginner friendly machine. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player). There are more ways then one to successfully complete the challenges.

Download link 1: https://www.dropbox.com/sh/t04oh0gxags8k3u/AABCTCFDQ1fQpZkPrv7K2Pffa?dl=0

Download Link 2: https://drive.google.com/file/d/1Bj1Tbk1PHTFFCCFN1mMDjaJ1WprVXyyG/view?usp=sharing

Official Walk-through for the machine:

  1. Start enumerating machine by simple nmap scan considering all ports with -p- as a switch

nmap -p- -sCV — open -o nmap.txt $IP

2. FTP to the subsequent port found, enumerating the every directories you found and by downloading all the files at the same time we get:

3. You’ll find some images and encrypted text there..

3. Are these images are actually images???

(32 OR 64 OR ROT???) again?? (maybe?)

4. Remote login??? (Is it sec#red shell?)

5. Clearly by seeing the permissions given to .home.sh file, we can own the machine by manipulating the script as shown:

And by running the script as shown WE are ROOT!!!, the flag is waiting for you.

— — — — — — — — — — — — — — — — — — — — — — —

That’s all for now,

Until Next Time,

Feel free to ping me anytime:

https://www.linkedin.com/in/user-neeleshpatel/

--

--

Neelesh Patel

All I need is just my ten fingers and sometimes {coffee}, to talk to computers.