THM — Opacity
2024-2-14 20:46:35 Author: infosecwriteups.com(查看原文) 阅读量:18 收藏

Dfaults

InfoSec Write-ups

Opacity is a Boot2Root made for pentesters and cybersecurity enthusiasts. There are several ways to perform an action; always analyze the behavior of the application.

Photo by Daniel Schludi on Unsplash

Opacity is an easy machine that can help you in the penetration testing learning process.

There are 2 hash keys located on the machine (user — local.txt and root — proof.txt). Can you find them and become root?

💡 Hint: There are several ways to perform an action; always analyze the behavior of the application.

We start by adding the given IP to the /etc/hosts file in case there are any DNS issues down the line. Next, we go directly into an Nmap scan to see if there are any open ports.

root@ip-10-10-226-222:~# nmap -sT -sV -sC -p- opacity.thm
Starting Nmap 7.60 ( <https://nmap.org> ) at 2024-01-16 13:14 GMT
Nmap scan report for opacity.thm (10.10.18.86)
Host is up (0.0037s latency).
Not shown: 65531 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.5 (Ubuntu Linux; protocol 2.0)
80/tcp open http Apache httpd 2.4.41 ((Ubuntu))
| http-cookie-flags:
| /:
| PHPSESSID:
|_ httponly flag not set
|_http-server-header: Apache/2.4.41 (Ubuntu)
| http-title: Login
|_Requested resource was login.php
139/tcp open netbios-ssn?
| fingerprint-strings:
| SMBProgNeg:
|_ SMBr
445/tcp open microsoft-ds?
| fingerprint-strings:
| SMBProgNeg:
|_ SMBr
2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at <https://nmap.org/cgi-bin/submit.cgi?new-service> :
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port139-TCP:V=7.60%I=7%D=1/16%Time=65A6814B%P=x86_64-pc-linux-gnu%r(SMB
SF:ProgNeg,29,"\\0\\0\\0%\\xffSMBr\\0\\0\\0\\0\\x88\\x03@\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\
SF:0@\\x06\\0\\0\\x01\\0\\x01\\xff\\xff\\0\\0");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port445-TCP:V=7.60%I=7%D=1/16%Time=65A68146%P=x86_64-pc-linux-gnu%r(SMB
SF:ProgNeg,29,"\\0\\0\\0%\\xffSMBr\\0\\0\\0\\0\\x88\\x03@\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\
SF:0@\\x06\\0\\0\\x01\\0\\x01\\xff\\xff\\0\\0");
MAC Address: 02:CA:B6:16:9D:5B (Unknown)
Service Info: OS: Linux; CPE…

文章来源: https://infosecwriteups.com/thm-opacity-6e7b487963e0?source=rss----7b722bfd1b8d---4
如有侵权请联系:admin#unsafe.sh