MoneyBox (Vulnhub WalkThrough)
Vrijanandan Kumar
Cyber Security Enthusiast || CTF Player || Security Researchers || Passionate about Securing the Digital World || CEH
MoneyBox (Vulnhub WalkThrough)
Today I’m going to solve challenge MoneyBox Vulnhub WalkThrough.
01.)
Nothing is here
I foynd directory a blogs
Here found directory in source code?
Instresting is a secrete key?
2.) Port Scanning and Service Detection
3.) Here FTP Enumeration
I found a trytofind.jpg file, and downloaded this through get commandcommand?: get <filename >?
Then extract file
command to extract?: steghide extract -sf trytofind.jpg
I found credential username renu then?
04. ssh bruteforce?
I used hydra to crack the password of ‘renu’ user and got the password within 30 seconds. The password for the user ‘renu’ is ‘987654321’.
05. To ssh connected?
Here first Flag!
After that I came to know that another user ‘lily’ also exist in the server, so I moved to lily’s home directory and saw a?.ssh directory over there.
While enumerating the directory I got a ‘authorized_keys’ file in which ‘renu’ was mentioned, which means that renu can connect to ssh with lily without password.
That’s great?!!!.
5.) Privilege Escalation
The first thing that we check after getting the user shell is sudo and user lily has a sudo right in which lily can run perl command as root without password.
Here is last flag!
?Thanks for visiting?