Toppo: 1

[ vulnhub  ctf  walkthrough  ]

Goal

root

Download

https://www.vulnhub.com/entry/toppo-1,245/

Walkthrough

nmap
alt text
default 80 page
alt text
dirb
alt text
admin page/directory
alt text
notes with password and assuming user is ted
alt text
ssh as ted works
alt text
running linux privilege checker per usual
alt text
what’s this? already root??
alt text
downloaded a modified script to read /etc/shadow
alt text
running yields contents of /etc/shadow
alt text
using john the password is revealed
alt text
ssh as root works and flag revealed
alt text

Written on July 14, 2018
Share on: