Derpnstink: 1 Walkthrough

Walkthrough for the DerpNStink: 1 (https://www.vulnhub.com/entry/derpnstink-1,221/) CTF challenge image. Summary Flags Domains derpnstink.local Credentials Walkthrough A basic nmap ping scan finds the box. Throwing a fuller scan at it finds three services open and some details. [bash] root@kali:~# nmap -A -T4 192.168.195.214 Starting Nmap 7.60 ( https://nmap.org ) at 2018-03-20 14:44 AEDT Nmap scan report for 192.168.195.214 Host is up (0.00080s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 22/tcp open ssh OpenSSH

Read more

d0not5top: 1.2 – Walkthrough

Overview CTF Challenge attempted –¬†https://www.vulnhub.com/entry/d0not5top-12%2C191/ Walkthrough is incomplete – I’ll update as I go. Tips found from the setup: Initial import attempt of .ova file failed on VMWare Fusion – needed to retry with relaxed conditions Flags found are: Reconnaissance & Scanning First we find the host (extra output removed) [bash] root@kali:~/D0Not5top# nmap -sn 192.168.195.0/24 MAC Address: 00:0C:29:EA:52:D0 (VMware) Nmap scan report for 192.168.195.147 Host is up (0.00071s latency). Host is up. root@kali:~/D0Not5top# [/bash] A quick nmap scan turns up

Read more

DonkeyDocker 1 – Walkthrough

Overview CTF Challenge attempted – https://www.vulnhub.com/entry/donkeydocker-1,189/ Tip I found from the setup – if VMWare offers to upgrade the DonkeyDocker image, don’t do it. I did on mine & it broke the IP connectivity from Kali. This is my first attempt at a CTF, so was an enjoyable learning exercise. I’ve loosely grouped the steps taken below into Reconnaissance & Scanning, Access & Escalation and Exfiltration. Useful things I learnt along the way: Try simple things first before going with

Read more