.png)
3 years ago
267 BOOK THIS SPACE FOR AD
ARTICLE ADQ1. Deploy the machine and connect to our network
(No answer needed)
Q2. Find the services exposed by the machine
(No answer needed)
Q3. What is the name of the hidden directory on the web server(enter name without /)?
Ans : development
Q4. User brute-forcing to find the username & password
(No answer needed)
Q5. What is the username?
We know SMB is open in port 139 and 445, so I tried hitting ports 139 and 445 to check for usernames.
I used enum4linux for this purpose. One can download the tool here.
Upon performing a scan, I got the below results.
Ans : jan
Q6. What is the password?
For this task, I used hydra to do a brute-force with rockyou.txt and got the below result.
Ans : armando
Q7. What service do you use to access the server(answer in abbreviation in all caps)?
Ans : ssh
Q8. Enumerate the machine to find any vectors for privilege escalation
(No answer needed)
Q9. What is the name of the other user you found(all lower case)?
Just enumerating, we found another user
Ans : kay
Q10. If you have found another user, what can you do with this information?
pass.bak wasn’t readable so maybe we can try to ssh.
(No answer needed)
Incomplete xD
Bengali (Bangladesh) · 
English (United States) ·