Category Archives: CTF’S

Bounty Hacker

///////////////////BOUNTY HACKER//////////////////                             |||]/ SCANNING \[||| Started the nmap scan — nmap -sC -sV -T3 10.10.167.41 Result — || Starting Nmap 7.91 ( https://nmap.org ) at 2021-07-24 23:23 IST Nmap scan report for 10.10.167.41 Host is up (0.36s latency). Not shown: 967 filtered ports, 30 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 | ftp-anon: Anonymous FTP login allowed (FTP code 230) |_Can’t get directory listing: TIMEOUT | ftp-syst: | STAT: | FTP server status: | Connected to ::ffff:10.9.0.192 | Logged in as ftp | TYPE: ASCII | No session bandwidth limit | Session timeout in seconds is 300 | Control connection is plain text | Data connections will be plain text | At session startup, client count was 4 | vsFTPd 3.0.3 – secure, fast, stable |_End of status 22/tcp open ssh OpenSSH…

Read more

Cyborg

/////JOINED Cyborg CTF/////////   ———————–SCANNING Cyborg —————————- JUST STARTED AN NMAP SCAN – Result –: nmap -sC -sV 10.10.76.128 Starting Nmap 7.91 ( https://nmap.org ) at 2021-07-27 15:48 IST Nmap scan report for 10.10.76.128 The host is up (0.23s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.10 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 db:b2:70:f3:07:ac:32:00:3f:81:b8:d0:3a:89:f3:65 (RSA) | 256 68:e6:85:2f:69:65:5b:e7:c6:31:2c:8e:41:67:d7:ba (ECDSA) |_ 256 56:2c:79:92:ca:23:c3:91:49:35:fa:dd:69:7c:ca:ab (ED25519) 80/tcp open http Apache httpd 2.4.18 ((Ubuntu)) |_http-server-header: Apache/2.4.18 (Ubuntu) |_http-title: Apache2 Ubuntu Default Page: It works Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel ///————/// NMAP SCAN IS JUST COMPLETED AND WE FIND THE 2 OPEN PORTS 1.SSH 2.HTTP STARTED A GO BUSTER DIRECTORY SCAN – Result –: go buster dir -u http://10.10.76.128 -w /usr/share/wordlists/dirb/common.txt -z =============================================================== Gobuster v3.1.0 by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart) =============================================================== [+] Url: http://10.10.76.128 [+] Method: GET [+] Threads: 10…

Read more

Bounty Hacker

\\\\\\ <<< LAZY ADMIN >>> \\\\\\ 🗺️ IT’S A EASY MACHINE IN TRYHACKME YOU HAVE TO GET 2 USER KEYS: — 🤨️ USER FLAG —– ROOT FLAG <<<<SCANING>>>> 1. Started a Nmap scan __= Nmap -A -T4 -p 1-3000 <ip> Founded two open ports -( ssh. HTTP ) 2. Started to go buster and scanned with dir mode with a common txt file __= go buster dir -u HTTP://<ip> -w /usr/share/wordlists/dirb/common.txt Here we will find many useful directories (found a new login page ) Don’t need to scan further. 3. By going into the browser to that login page we found it is on a sweet rice service. <<<<Lazy Admin ENUMARATION>>>> 1. Here we know that the service is running on sweet rice and now it’s time to check that there is any exploit is provided in exploit or not. 2. Here we found many exploits we need that backup…

Read more

Wonder Land

          //////JOINED Wonder land///////// –||/| SCANNING |\||–   STARTED NMAP SCAN — nmap -sC -sV -p 1-5000 -T3 10.10.5.154 Result — Nmap scan report for 10.10.5.154 The host is up (0.30s latency). Not shown: 4998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 8e:ee:fb:96:ce:ad:70:dd:05:a9:3b:0d:b0:71:b8:63 (RSA) | 256 7a:92:79:44:16:4f:20:43:50:a9:a8:47:e2:c2:be:84 (ECDSA) |_ 256 00:0b:80:44:e6:3d:4b:69:47:92:2c:55:14:7e:2a:c9 (ED25519) 80/tcp open http Golang net/http server (Go-IPFS json-rpc or InfluxDB API) |_http-title: Follow the white rabbit. Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel |||||||||||| As we can see only 2 ports are open till 5000. |||||||||||| STARTED GOBUSTER FOR FINDING THE DIRECTORIES — gobuster dir -u http://10.10.5.154 -w /usr/share/wordlists/dirb/common.txt -z Result — =============================================================== Gobuster v3.1.0 by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart) =============================================================== [+] Url: http://10.10.5.154 [+] Method: GET [+] Threads: 10 [+] Wordlist: /usr/share/wordlists/dirb/common.txt [+] Negative Status codes: 404…

Read more

4/4