CTF Year of the Rabbit

  1. rustscan
  2. gobuster
  3. sup3r_s3cr3t_fl4g.php
  4. Crack FTP
  5. Connect to ftp
  6. SSH

rustscan

rustscan -a 10.10.101.203

PORT STATE SERVICE REASON
21/tcp open ftp syn-ack
22/tcp open ssh syn-ack
80/tcp open http syn-ack

gobuster

gobuster dir -u http://10.10.101.203 -x txt,html,php -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt

Inside style.css there is a hint pointing to:

sup3r_s3cr3t_fl4g.php

I’m forced to watch it.
He says you’re looking in the wrong place.
So open Burp Suite:

http://10.10.101.203/WExYY2Cv-qU/ is the hidden directory.

This is the picture:

I download it and run strings on it.

We have a user and a lot of candidate passwords, let’s try them with hydra.

Crack FTP

user: ftpuser

hydra -l ftpuser -P passwords.txt ftp://10.10.101.203 -V

password: 5iez1wGXKfPKQ

Connect to ftp

File: Eli’s_Creds.txt

The file is Brainfuck, decoded with https://www.dcode.fr/brainfuck-language:

User: eli
Password: DSpDiM1wAEwid
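Instead of pasting the file into dcode, the Brainfuck can be run locally. The interpreter below is an added example, not code from the writeup; the contents of Eli’s_Creds.txt are not reproduced on this page, so the sample program is generated here from the decoded text with a small encoder, and the classic "Hello World!" program is included only as a known-good check of the loop handling.

```python
import re

# Canonical Brainfuck "Hello World!\n" (exercises loops and nested loops).
HELLO_WORLD = (
    "++++++++[>++++[>++>+++>+++>+<<<<-]>+>+>->>+[<]<-]"
    ">>.>---.+++++++..+++.>>.<-.<.+++.------.--------.>>+.>++."
)


def run_brainfuck(program: str, input_bytes: bytes = b"", tape_size: int = 30000) -> str:
    """Execute a Brainfuck program and return its output as text.
    Non-command characters are ignored, as the language specifies."""
    code = [c for c in program if c in "<>+-.,[]"]
    # Pre-compute matching brackets so jumps are O(1) and unbalanced programs fail early.
    jumps, stack = {}, []
    for i, c in enumerate(code):
        if c == "[":
            stack.append(i)
        elif c == "]":
            if not stack:
                raise ValueError(f"unmatched ] at {i}")
            j = stack.pop()
            jumps[i], jumps[j] = j, i
    if stack:
        raise ValueError(f"unmatched [ at {stack[-1]}")

    tape = bytearray(tape_size)
    ptr = pc = 0
    out = bytearray()
    inp = iter(input_bytes)
    while pc < len(code):
        c = code[pc]
        if c == ">":
            ptr += 1
        elif c == "<":
            ptr -= 1
        elif c == "+":
            tape[ptr] = (tape[ptr] + 1) & 0xFF   # cells wrap at 8 bits
        elif c == "-":
            tape[ptr] = (tape[ptr] - 1) & 0xFF
        elif c == ".":
            out.append(tape[ptr])
        elif c == ",":
            tape[ptr] = next(inp, 0)             # EOF reads as 0
        elif c == "[" and tape[ptr] == 0:
            pc = jumps[pc]
        elif c == "]" and tape[ptr] != 0:
            pc = jumps[pc]
        if not 0 <= ptr < tape_size:
            raise IndexError("tape pointer out of range")
        pc += 1
    return out.decode("latin-1")


def to_brainfuck(text: str) -> str:
    """Naive encoder (one cell, +/- deltas between consecutive bytes). Used only
    to build a sample program here; the real file was not produced this way."""
    out, prev = [], 0
    for b in text.encode("latin-1"):
        delta = b - prev
        out.append("+" * delta if delta >= 0 else "-" * -delta)
        out.append(".")
        prev = b
    return "".join(out)


def decode_creds(program: str) -> dict:
    """Run the program and pull 'User:' / 'Password:' lines out of its output."""
    text = run_brainfuck(program)
    creds = {}
    for key, label in (("user", "User"), ("password", "Password")):
        m = re.search(rf"^{label}:\s*(\S+)", text, re.MULTILINE)
        if m:
            creds[key] = m.group(1)
    return creds


# Constructed sample standing in for Eli's_Creds.txt (same decoded text as the writeup).
SAMPLE_CREDS_BF = to_brainfuck("User: eli\nPassword: DSpDiM1wAEwid\n")

if __name__ == "__main__":
    print(run_brainfuck(HELLO_WORLD), end="")
    print(decode_creds(SAMPLE_CREDS_BF))
```

To use it on the real file, read it with `open("Eli's_Creds.txt").read()` and pass the text to `decode_creds`; stray comment characters in the file are harmless because the interpreter drops anything outside the eight commands.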

SSH

Gwendoline is a user?
I don’t have the time to do the rest. I’m going back to work in a few minutes.

But I saw this file which could be interesting:

I will continue later.