Skip to content

iliyan89/underpass-writeup

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
README.md
README.md
 
 
underpass-write-up-iliev-iliyan.pdf
underpass-write-up-iliev-iliyan.pdf
 
 

Repository files navigation

UnderPass (HTB) CTF write-up

Objective

This is a write-up for UnderPass, an easy level difficulty vulnerable machine on HackTheBox. Note that at the time of this publication the machine is still active, so big spoilers and hints are to be used with caution. To access the full document with explanation, please download the PDF file from above.

Skills Learned

  • UDP port scanning
  • What is daloRadius and how does it work.
  • MD5 hash cracking
  • Mosh service, operation, and privilege escalation.

Tools Used

  • Kali Linux, and through it:
    • nmap
    • snmpwalk
    • hashcat
    • ssh
    • scp
    • manual PE enumeration
    • LinPEAS
    • mosh service
  • daloRADIUS

Steps

  1. UDP port scanning:

3-nmap-udp

  1. daloRADIUS login:

7-login-succ

  1. Users list:

9-users-list

  1. MD5 hash cracking:

10-hashcat 11-hash-cracked

  1. SSH & User flag:

12-ssh-user-1 13-user-flag

  1. scp file transfer of LinPEAS:

16-scp

  1. LinPEAS result:

18-linpeas-5-pe

  1. Mosh as sudo:

18-linpeas-6-mosh

  1. Mosh connection:

21-mosh-connect

  1. Root & the flag

22-root 23-root-flag

About

UnderPass CTF write-up (easy level)

app.hackthebox.com/machines/UnderPass

Topics

linux ssh nmap penetration-testing kali-linux hashcat mosh daloradius hackthebox hackthebox-writeups underpass

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published