OSCP Giveaway Challenge - Writeup

On 4th August, I received a message from my mentor Tanoy that Offensive Security is doing a giveaway for an OSCP voucher. But in order to participate in the giveaway, participants have to pwn a box on vulnhub.com and submit the root flag on the Discord server.

So I thought, let's give it a try, and to be honest it was a pretty easy box 😊. You can download the machine from the link below:

Download the VM and get the IP. In my case it was 10.0.2.10.

Steps:

1. Start with an nmap scan. After running the scan, we noticed that ports 22 and 80 are open.

2. The nmap scan reveals a /secret.txt file on the web server. After visiting the file, we got some base64-encoded data.

3. Decode it and you will get an OpenSSH private key.

4. Save the decoded data in a text file. Use the following command to connect on port 22.

5. Host a local server using Python and transfer LinEnum.sh to the target machine. After running LinEnum.sh, we noticed that the SUID bit is set on bash.

6. After exploiting the SUID bit, we got our flag.txt in the root directory.

Now, submit your flag on the Discord server.
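A defender-side check for the exposure in steps 2 and 3, as an added example that is not part of the original writeup: it walks a web root and flags served files that carry a private key header, either plain or wrapped in base64. The function names, the two-layer limit and the sample key (constructed placeholder bytes, not a real key) are assumptions.

```python
import base64
import binascii
import re
from pathlib import Path

# PEM armor that opens OpenSSH and traditional private keys.
KEY_HEADER = re.compile(rb"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----")
# A run of base64 characters, possibly wrapped over several lines.
B64_RUN = re.compile(rb"(?:[A-Za-z0-9+/]{4,}\s*)+={0,2}")


def key_depth(data: bytes, max_layers: int = 2):
    """Return how many base64 layers wrap a private key (0 = plain), else None."""
    if KEY_HEADER.search(data):
        return 0
    if max_layers == 0:
        return None
    for run in B64_RUN.finditer(data):
        compact = b"".join(run.group().split()).rstrip(b"=")
        if len(compact) < 36:  # too short to hold an encoded PEM header
            continue
        try:
            padded = compact + b"=" * (-len(compact) % 4)
            decoded = base64.b64decode(padded, validate=True)
        except (binascii.Error, ValueError):
            continue
        inner = key_depth(decoded, max_layers - 1)
        if inner is not None:
            return inner + 1
    return None


def scan_web_root(root: str, max_bytes: int = 1_000_000):
    """List (relative path, layers) for served files that carry a private key."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.stat().st_size <= max_bytes:
            depth = key_depth(path.read_bytes())
            if depth is not None:
                findings.append((path.relative_to(root).as_posix(), depth))
    return findings


# Constructed sample: placeholder bytes inside key armor, not a real key.
FAKE_KEY = (b"-----BEGIN OPENSSH PRIVATE KEY-----\n"
            + base64.encodebytes(b"constructed placeholder, not key material" * 4)
            + b"-----END OPENSSH PRIVATE KEY-----\n")
SAMPLE_SECRET_TXT = base64.encodebytes(FAKE_KEY)  # what a /secret.txt would hold
```

A base64 blob that directly follows ordinary words with only whitespace in between can decode misaligned and be missed, so a clean result is a hint rather than proof.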

Thanks for reading till the end! 😊
