TryHackMe CTF b3dr0ck
Zakwan Abid
Senior Cyber Security Consultant | OSCP | eCPPT | CEH | Penetration Tester | IT/CS Auditor | GRC Specialist
Hello guys, back again with another walkthrough. This time we are going to get our hands dirty on the b3dr0ck CTF from TryHackMe.
Enumeration through NMAP:
nmap -sC -sV -A [IP]
After scanning, go to a web browser and check what's running on this IP.
Here, in the above picture, barney is saying the port is over 9000!?
From the Nmap scan, I could see there is only one port above 9000, and that was 9009, so let's go and check it out further.
First, I checked with a netcat session on port 9009 whether it's listening to something, and in the picture below you can see that it's listening to ABC Server:
After getting access over netcat, I was asked what I'm looking for.
I simply typed help and I got:
Now we know we have to find two keys, which are CERT and KEY.
Then I typed public and then private and got both keys.
Now copy those keys and save them for further testing.
Now log in to the SSL service running on port 54321 using the following command:
socat stdio ssl:MACHINE_IP:54321,cert=<CERT_FILE>,key=<KEY_FILE>,verify=0
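Text pasted out of a terminal session usually carries prompt lines along with the PEM blocks, and a mismatched certificate and key only shows up as a failed handshake. The script below is an added example, not part of the original walkthrough: it pulls the two PEM blocks out of a saved transcript and checks with openssl that they form a pair. The file names, the helper function names and the self-signed demo pair are all constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the walkthrough). File names are hypothetical.

# extract_pem TRANSCRIPT CERT_OUT KEY_OUT
# Copies only the PEM blocks out of a pasted session, dropping prompt lines.
extract_pem() {
    sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' "$1" > "$2"
    # umask 077 so the private key file is created readable by the owner only
    ( umask 077
      sed -n '/-----BEGIN .*PRIVATE KEY-----/,/-----END .*PRIVATE KEY-----/p' "$1" > "$3" )
    [ -s "$2" ] && [ -s "$3" ]      # fail if either block was missing
}

# pair_matches CERT KEY
# Succeeds only if the certificate's public key equals the key's public half.
pair_matches() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# make_sample DIR
# Builds a constructed transcript: a throwaway self-signed pair with filler lines.
make_sample() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=constructed-demo" \
        -keyout "$1/gen.key" -out "$1/gen.crt" 2>/dev/null || return 1
    { echo "(constructed prompt line)"; cat "$1/gen.crt"
      echo "(constructed prompt line)"; cat "$1/gen.key"
      echo "(constructed trailing line)"; } > "$1/session.txt"
}

# Demo on the constructed transcript
tmp=$(mktemp -d)
make_sample "$tmp" &&
    extract_pem "$tmp/session.txt" "$tmp/client.crt" "$tmp/client.key" &&
    pair_matches "$tmp/client.crt" "$tmp/client.key" &&
    echo "pair OK: client.crt / client.key can be passed as cert= and key="
rm -rf "$tmp"
```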
Here I got login access. Now I typed help and got the password of the user barney.
Now log in with SSH using this password.
Here I got the flag of the barney user.
2. Finding Fred Password.
Now go to this directory and check:
sudo /usr/bin/certutil ls
Now check fred.certificate.pem:
sudo /usr/bin/certutil cat fred.certificate.pem
Here I got the certificate and private key of the fred account. Save these keys.
Now log in to the fred account with these keys, using the same command as I used for the barney account:
socat stdio ssl:MACHINE_IP:54321,cert=<CERT_FILE>,key=<KEY_FILE>,verify=0
Here I got the password of the fred account.
3. Finding fred.txt flag
Now log in with this password using SSH and get the fred.txt flag.
4. Finding root.txt flag.
Now go to https://crackstation.net/ and crack the hash we got above.
After getting the password of the root account, go to the terminal and get the flag.
That's all, guys, the CTF is done. We have successfully captured FOUR flags. And I got the full 120 points:
I hope you enjoyed the walkthrough. If you did, like it down below and follow me as well so that you won't miss any upcoming walkthroughs. Bye!