Meow writeup
Task 1
What does the acronym VM stand for?
Answer : Virtual Machine
A VM is a software-based emulation of a physical computer. It runs an operating system and applications just like a physical machine but operates within a software environment, known as a hypervisor, which allows multiple VMs to share the same physical hardware resources securely and efficiently.
This enables tasks such as running multiple OSes on one physical server, isolating applications for security, and testing software in different environments without needing additional physical devices. Task 2
What tool do we use to interact with the operating system in order to issue commands via the command line, such as the one to start our VPN connection? It's also known as a console or shell.
Answer : terminal
A terminal, in computing, is an interface that allows users to interact with the computer’s operating system via text-based commands. It provides a command-line interface (CLI) where users can execute commands, run scripts, and manage files and processes directly, as opposed to using a graphical user interface (GUI).
The terminal is essential for tasks that require precise control over the system and is commonly used by developers, system administrators, and power users. Task 3
What service do we use to form our VPN connection into HTB labs?
Answer : openvpn
OpenVPN is an open-source software application that implements virtual private network (VPN) techniques to create secure point-to-point or site-to-site connections. It uses custom security protocols to establish and encrypt data tunnels between endpoints, ensuring privacy and security over public or untrusted networks, such as the internet.
OpenVPN is widely used for secure remote access, connecting distributed networks, and enhancing privacy by masking IP addresses and encrypting internet traffic. Task 4
What tool do we use to test our connection to the target with an ICMP echo request?
Answer : ping
Ping is a network utility used to test the reachability of a host on an Internet Protocol (IP) network. It works by sending Internet Control Message Protocol (ICMP) Echo Request messages to the target host and listening for Echo Reply messages.
Ping measures the round-trip time for messages sent from the source to the destination and back, providing information about the latency and reliability of the connection. It is commonly used to diagnose network connectivity issues and to ensure that a host or network device is online and responsive. Task 5
What is the name of the most common tool for finding open ports on a target?
Answer : nmap
Try using :
nmap -sV HTB_Machine_IP (the sV flag gives you service/version info if possible)
Nmap (Network Mapper) is an open-source network discovery and security auditing tool. It is used to scan networks and identify the devices running on them, along with their operating systems, open ports, and available services.
Nmap helps network administrators and security professionals assess the security of their networks by detecting vulnerabilities and potential entry points for unauthorized access. It can also be used for network inventory, monitoring host or service uptime, and managing service upgrade schedules. Task 6
What service do we identify on port 23/tcp during our scans?
Try using :
telnet HTB_Machine_IP 23 The port 23 is the default one for telnet but that shows you how to specify another one if needed.
Answer : telnet
Telnet is a network protocol that allows for remote control over another computer via a text-based command-line interface. It enables users to connect to and manage remote devices over a network, typically using port 23.
However, Telnet does not encrypt the data transmitted, including login credentials, making it insecure for use over untrusted networks.
Due to its lack of security, Telnet has largely been replaced by more secure protocols like SSH (Secure Shell) for remote access and management. Task 7
What username is able to log into the target over telnet with a blank password?
After the successful connection to the machine, try entering root as the username when prompted.
Answer : root
In Unix-like operating systems (such as Linux), the root user is the administrative superuser with full control over the system. The root user has unrestricted access to all files, commands, and resources on the system.
It is similar to the "Administrator" account in Windows systems. Obviously, you will rarely find a root user with a blank password and even the possibility to login as root through telnet Task 8
Submit root flag
Once connected and logged in as root try using what's already on the machine (Living off the land) to discover stuff. Why not try a basic :
pwd (stands for "print working directory")
ls -la (list the contents of a directory, "l" flag will give you detailed information about each file and directory while the "a" flag lists all files, including the hidden ones)
Answer : Get your own !