Second Boot2Root Moria
Hello Folks!
Link to the box :- https://www.vulnhub.com/entry/moria-11,187/
Rating :- 8/10
Time :- 2-3 hours
Welcome to the second Boot2Root, as always we started the box and did a arp-scan -l followed by the nmap scan to see any open ports to poke at
So we found a port 80 open without further delay let's head into that and see what it got?
I checked the source page for some info and it came out clean so nothing there to look at, moving on the dirb scan
visited w/ and found a directory /h it's all connected to http://192.168.1.161/w/h/i/s/p/e/r/the_abyss/ just click the links and says Dain:"Is that human deaf? Why is it not listening?" maybe there's something in the image? some audio file? or something hidden in the gate on the main page? i just googled what the main quote on page said after failed stegno attempts, so after a bunch of googling i found a hint "Mellon", so tried SSH and nothing came up then i tried to FTP with Anonymous and Mellon but it said "Welcome Balrog" so i tried "Balrog:Mellon" once i am inside the FTP i went to cd /var/www/html and found this "QlVraKW4fblkXau9zkAPNGzviT3UKntl" let's visit the page and see what we get?
So this looked like some hashes and i did an Inspect element right away to see if there's something more i can use and actually to my surprise this habit paid off with MD5 salts this time
So now we have username password and salt after a little bit of googling i found i can use this as
the correct format is User:Hash$Salt it's dynamic 6 we are supposed to use found this after a while on google after executing this with the john commands I came up with this :-
so now we have a username and the password to try let's get at it then and Ori:Spanky let us SSH on the box and BOOM we are in.
So it basically tells you that Moria is connecting back to the local host but what for? let's find out ..
the moment we connect back to localhost we see we are logged in as root and popped the box and get the final flag!
Thanks to Abatchy for this awesome box!
Thank You!
Link to the box :- https://www.vulnhub.com/entry/moria-11,187/
Rating :- 8/10
Time :- 2-3 hours
Welcome to the second Boot2Root, as always we started the box and did a arp-scan -l followed by the nmap scan to see any open ports to poke at
So we found a port 80 open without further delay let's head into that and see what it got?
visited w/ and found a directory /h it's all connected to http://192.168.1.161/w/h/i/s/p/e/r/the_abyss/ just click the links and says Dain:"Is that human deaf? Why is it not listening?" maybe there's something in the image? some audio file? or something hidden in the gate on the main page? i just googled what the main quote on page said after failed stegno attempts, so after a bunch of googling i found a hint "Mellon", so tried SSH and nothing came up then i tried to FTP with Anonymous and Mellon but it said "Welcome Balrog" so i tried "Balrog:Mellon" once i am inside the FTP i went to cd /var/www/html and found this "QlVraKW4fblkXau9zkAPNGzviT3UKntl" let's visit the page and see what we get?
so now we have a username and the password to try let's get at it then and Ori:Spanky let us SSH on the box and BOOM we are in.
Thanks to Abatchy for this awesome box!
Thank You!
amazing
ReplyDelete