⚡Simple CTF
1.How many services are running under port 1000?
ANS:- 2
2.What is running on the higher port?
ANS:- SSH
3.What's the CVE you're using against the application?
ANS:- CVE-2019-9053
4. To what kind of vulnerability is the application vulnerable?
ANS:- Sqli
5. What's the password?
- Here, we found a CVE that we could exploit. We downloaded the corresponding program and ran it, which allowed us to discover the password. To run the program, we used the '-u' flag to specify the URL (e.g. https://IP/simple), and the '-w' flag to provide a wordlist for the program to use.
ANS:- secret
6. Where can you login with the details obtained?
ANS:- SSH
7.What's the user flag?
ANS:- G00d j0b, keep up!
8. Is there any other user in the home directory? What's its name?
ANS:- sunbath
9. What can you leverage to spawn a privileged shell?
ANS:- VIM
10.What's the root flag?
ANS:- W3ll d0n3. You made it!
Last updated