Discover the tools to build your own vision.

— Another method of Encryption.

— It was known for its “non-reversible” nature. Simply put, it cannot be decrypted.

But brutal we tech people are. 😈

Developed many tools/websites which can easily “identify” the type of hash as well as can “decrypt”…

Tools and Commands Used To Solve This Room.

* All answers found using “Zenmap”.

  • How many ports are open?
    * 3 ports.
  • What is the version of nginx?
    * Version is 1.16.1.
  • What is running on the highest port?
    * Apache Service running on the highest port.

Tools and Commands used to solve this room.

  1. Found Via Zenmap.
    open port (21, 22, 80)
    open FTP service on port 21 with anonymous credentials.

2. FTP service is open which means check the IP source page on the browser.

3. Web page has image and source page asking for steganography.

1. image cracked via stegcracker.
- new file created.
- read (‘cat’) file to find Holts password.

2. SSH to holt’s with IP.
— (ls — will show user file) — [user flag]
— (sudo -l, will show /bin/nano to read ‘sudo /bin/nano root/root.txt) — [root flag]

Tools used to find the answer.

#1 Deploy the machine and connect to our network.

  • ( Completed ).

#2 Find the services exposed by the machine.

  • ( 80, 22, 139, 445,..) Via Nmap/Zenmap.

#3 What is the name of the hidden directory on the webserver(enter name without /)?

  • ( ‘/development’, Found Via dirsearch ).

#4 User…

Sana Qazi

Sana Qazi is a Technical Writer specialized in Information Security. She is a writer by day and a reader by night.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store