Agent Sudo Challenge

Hi everybody! I am back with yet another CTF Challenge.

You all can try this challenge at https://tryhackme.com/room/agentsudoctf .

Let's Begin.

1. we have to enumerate the given Vm link to find how many service ports are open.

Nmap results will give you the no of open ports.

2. Now we have to redirect ourself to a secret page. if you visit the site it says that you have to use your own agent and the hint tells us to use agent C.

we can change our web browser agent through Dev tools or using external plugins from web store.

3. Now load the main page again and you will get a message.

4. Now we know the username and we also now he has a weak password. In nmap scan we found that a ftp port is open. we can use hydra on this port to find Chris's password.

Boom! we found his password.

5. login using ftp and list the directory. we find 3 files .

6. Download these files.

7. There is a message in To_agentJ.txt .

It says that the login password is in the fake pic's. This clearly indicates to use of Steganography.

8. using steghide we see that we need a passphrase to extract info from cute-alien.jpg , this password must be hidden in cutie.png . we use binwalk for this.

the scan shows a hidden zip file. use binwalk to extract it.

zip file is password protected. It's time to use Jtr.



using this extract To_agentR.txt.

this message gives us a base64 encoded message. converting it we get.

This is the password to steg file cute-alien.jpg



The message.txt reads:

Now we know the names of 2 agents and James ssh login password.

login using this password.

listing the directory you can find user-flag.txt .

you can download the picture through scp and using reverse image search find out about the event.

Now it's time for privesc . type sudo -l to know what your user can do.

we see that we cannot run /bin/bash command as root. googling about this gave us the exploit.

use this exploit to become root.

yay ! we did it.

So long! everybody.


Comments

Post a Comment

Popular posts from this blog

MetaCTF 2020 writeup

Image
Hi everybody! I recently took part in MetaCTF CyberGames 2020 which was held on 24 Oct. Here is the link if you want to try the challenges -  https://compete.metactf.com/30/ This is my writeup. Hope you all like it! WEB Exploitation 1. High Security Fan Page Description- Someone has changed the password to the admin panel. We have to find the password. On inspecting the source code we found a suspicious JavaScript being loaded into the page . On visiting the JavaScript we found the username and password to the admin panel. The Flag was the password to the panel. 2.  Everyone Loves a Good Cookie Description-  Cookies are used by websites to keep track of user sessions and help with authentication. Can you spot the issue with this site and convince it that you're authenticated? Upon visiting the page we found an input field and a submit button. We tried common password and hit submit. The page responds with a Set-Cookie parameter as shown below: We tried sending request by changing t
Read more

Mr. Robot Walkthrough

Image
Hello everybody! this is my first CTF walkthrough and i am very excited about it. I hope u all like it. I will be solving Mr robot CTF. You all can visit this link and try the lab for yourself its free https://tryhackme.com/room/mrrobot . 1. we will enumerate the target vm for services using nmap tool. we see that port 80 is open for http service. 2. we use gobuster on https://10.10.65.169:80 with . gobuster dir -u http://10.10.209.121:80 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt we have found a directory named robots (coincidence! i think not). we traverse to robots directory and what do we find. it tells us about 2 files one is a key and other a dictionary. first we get the key. we will then download the fsocity.dic . 3. we will run nikto tool on the target vm to find hidden files. from above result we see that there is a log
Read more