Fawn — Tier 0 — HTB Starting Point

  First we need to connect to the “Starting point” VPN and spawn the machine


The IP address of the machine is 10.129.213.50. Next, check the connection to the machine using PING

ping -c 4 10.129.213.50

Now first we are going to use the tool Nmap for enumeration of the open ports and services running on the IP address

nmap -sV 10.129.213.50

The -sV switch stands for version detection

As we can see from the scan that the Port 21 is Open and is running FTP

What is FTP?

The File Transfer Protocol (FTP) is a standard communication protocol used to transfer computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and data connections between the client and the server.

Let’s try and connect to FTP using the linux command line utility. A Log In Pops up

Now here we can do two things,

1.) A typical misconfiguration for running FTP services allows an anonymous account to access the service like any other authenticated user. The anonymous username can be input when the prompt appears, followed by any password whatsoever since the service will disregard the password for this specific account.

OR

2.) We can login using the default credentials ftp:ftp.

Once Logged In we can get list out the files and download the flag.txt using “get flag.txt”

The file will get downloaded into your system and We Have the flag!

Task 1

Task 2

Task 3

Task 4

Task 5

Task 6

Task 7

Task 8

Task 9

Task 10

Task 11

Now We Submit The Flag We Got.

Congratulations!! We have successfully Pwned The Machine

Comments

Post a Comment

Popular Posts