Alfa:1 Walkthrough/Write-up

Difficulty: Medium

  • Flags: 2 (user & root)
  • Enumeration | Web Application | Brute Force | Privilege Escalation
  • Format: Virtual Machine (VirtualBox — OVA)
  • Operating System: Linux Debian 10 (x64)
  • DHCP service: Enabled

Enumeration

When we enumerate the target, we get the following ports:

  • 21 — FTP
  • 80 — HTTP
  • 139/445 — SMB
  • 65111 — SSH

Hacking Steps

  1. Find the hidden directory in robots.txt.
  2. SMB user enumeration may reveal the username thomas.
  3. Visit the directory to find some hints about the password for the thomas account.
  4. Go to the FTP service and get the image, which is a hint for thomas's password.
  5. Log in through SSH to the thomas account.
  6. Find the VNC credentials in his directory.
  7. Log in to VNC and become root.