Hack the ch4inrulz: 1.0.1 (CTF Challenge)

Hack the ch4inrulz: 1.0.1 (CTF Challenge)

Rajpal Singh Rajpal Singh

Rajpal Singh

Founder at Hacking Articles | Cyber Security Consultant

发布日期: 2018年8月12日
+ 关注

Hello readers and welcome to another CTF challenge. This VM is made by Frank Tope as you’ll see in the very homepage on the server’s website (his resume). Nice touch, if I might add. Anyhow, you can download this VM from vulnhub here. The aim of this lab is to get root and read the congratulatory message written in the flag.

I would rate the difficulty level of this lab to be intermediate. Although, there were no buffer overflows or unnecessary exploit development, yet it did make us think a little.

Steps Involved:

  1. Port Scanning and IP clutching.
  2. Directory busting port 80.
  3. Directory busting port 8011.
  4. Discovering LFI vulnerability.
  5. Discovering an HTML backup file.
  6. Cracking password hash
  7. Logging in /development
  8. Uploading a PHP shell disguised as GIF file.
  9. Bypassing the check and triggering the file to get a netcat shell.
  10. Privilege escalation to get flag.

Alright then, let’s head into the VM all the way in.

Full Article Read Here

要查看或添加评论,请登录

Rajpal Singh的更多文章

  • Born2Root: 2: Vulnhub Walkthrough
    2019年5月11日

    Born2Root: 2: Vulnhub Walkthrough

    Hello Friends!! Today we are going to take another CTF challenge named “Born2Root: 2”. The credit for making this VM…

    1 条评论
  • dnscat2: Command and Control over the DNS
    2019年4月2日

    dnscat2: Command and Control over the DNS

    In this article, we learn DNS tunnelling through an amazing tool i.e.

    9 条评论
  • HackInOS:1: Vulnhub Lab Walkthrough
    2019年3月14日

    HackInOS:1: Vulnhub Lab Walkthrough

    Hello friends! Today we are going to take another boot2root challenge known as “HackInOS: 1”. The credit for making…

    2 条评论
  • unknowndevice64: 1: Vulnhub Lab Walkthrough
    2019年3月11日

    unknowndevice64: 1: Vulnhub Lab Walkthrough

    Hello friends! Today we are going to take another boot2root challenge known as “unknowndevice64: 1”. The credit for…

  • Hack the Box Access: Walkthrough
    2019年3月3日

    Hack the Box Access: Walkthrough

    Today we are going to solve another CTF challenge “Access”. It is a retired vulnerable lab presented by Hack the Box…

    2 条评论
  • Vulnhub: RootThis: 1 Walkthrough
    2019年3月2日

    Vulnhub: RootThis: 1 Walkthrough

    Hello friends! Today we are going to take another boot2root challenge known as root this. The credit for making this VM…

  • Vulnhub: Kuya: 1 Walkthrough
    2019年3月2日

    Vulnhub: Kuya: 1 Walkthrough

    Today we are going to solve another CTF challenge “Kuya”. It is another vulnerable lab presented by vulnhub for helping…

  • Matrix 2: Vulnhub Lab Walkthrough
    2019年3月2日

    Matrix 2: Vulnhub Lab Walkthrough

    Today we are going to solve another Boot2Root challenge “Matrix 2”. It is another vulnerable lab presented by vulnhub…

    1 条评论
  • W34kn3ss 1: Vulnhub Lab Walkthrough
    2019年3月2日

    W34kn3ss 1: Vulnhub Lab Walkthrough

    Today we are going to solve another CTF challenge “W34kn3ss 1”. Briefing about the lab, the matrix is controlling this…

  • Pentest Lab Setup on Memcached
    2019年2月16日

    Pentest Lab Setup on Memcached

    In this article, we are going to learn about pen-testing in Memcached lab setup in Ubuntu 18.04.

社区洞察

其他会员也浏览了