Wednesday, September 27, 2017

VulnHub - GameOver vm - challenge 001

Challenge 001:
We start by using 'netdiscover' as a method to find the IP address of the 'server'.

We then continue with a quick 'nmap' scan of the 192.168.2.148 IP address, which yields:
root@kali:~# nmap -sT -p- -T4 192.168.2.148
Nmap scan report for 192.168.2.148
Host is up (0.00055s latency).
Not shown: 65530 closed ports
PORT      STATE SERVICE
22/tcp    open  ssh
53/tcp    open  domain
80/tcp    open  http
111/tcp   open  rpcbind
35867/tcp open  unknown

After scanning the site with 'nikto' and 'dirbuster' and browse the found directories, while leaving BurpSuite in passive mode, we notice that BurpSuite found a mails file, which contains the following:

##########
Everyone is here... xexexe!
----------------------------------------
Crazy Alice Alice@InWonderland.com
Nebu Chadnezzar NebuChadnezzar@OldKing.edu
Jo Raimontilinekergrobelar ShortName@badmail.com
Web Killer WebMurder@killer.ever.com
Don Quixote windmill@mail.spain
Crazy priest Exorcist@hotmail.com
Jasson Killer Friday13@JasonLives.com
Everything All AllweSaid@mail.com
Thiseas Sparrow Pirates@mail.gr
Black Dreamer SupaHacka@mail.com
Bond James MyNameIsBond@JamesBond.com
Poor Boy Millionaire@fmail.com
Blind Lynxeyed Linxblind@siou.com
Earl Dracula CarpathianServers@Blood.com
Tea Coffee sugar@dring.com
Whisky Vodka drink@drunk.com
###########

- from the information given, for the challenge we read:
"The only thing we remember is that he was hired on Friday the 13th!".
- so we are looking for a user that has an email the is somehow connected with this one information:
Jasson Killer Friday13@JasonLives.com

- while browsing the site and trying different logons, which failed, we notice something on the site, under:
</span>white, rabbit</font>

- we select the text on the main page, only to find white, rabbit as a hidden text!  
Moral: always look at the code and wrap the long lines!


- we try to logon with the username:white and the password:rabbit, and we are allowed to logon. Yay!

Browsing the site, we get to:
http://192.168.2.148/Hackademic_Challenges/ch001/main/Diaxirisths.php

- based on the description of the challenge, we have to send an email:
"You have to find his e-mail address and send it to us by using the central communication panel of the company's site."

I then received the message "Congratulations!" in green! :)

0 comments:

Post a Comment

About Us