Open in app

Sign in

Write

Sign in

CAP HTB WALKTHROUGH

Buğra YELER
2 min readJul 23, 2021

Hello everyone , in this story I will be sharing my writeup for Cap is an active and easy Linux machine at Hackthebox.

NMAP

Now, I start Nmap scan.

Now, we can see that FTP, SSH and HTTP ports are open.

PORT 80 (HTTP)

I checked that are there any vulnerability in website. Security Events and Failed Login Attempts grabs my attention. After that, I clicked Security Snapshot (5 Second PCAP + Analysis).

I saw that the 0th data isn’t null and download it.

After opening this file with wireshark, username and password that coming with the FTP protocol attract my attention. I can connect this SSH port with this username and password.

Username: nathan

Password: Buck3tH4TF0RM3!

I connected the system with using username and password with SSH port. After that, I captured user flag. I need privilege escalation to get other flag.

I can get privilege with python so that I searched python privilege command at internet.

python3 -c ‘import os; os.setuid(0); os.system(“/bin/sh”)’

I found this command to get privilege.

I entered this command to get a root shell and I can get root flag.

Don’t forget to follow for such walkthroughs.

Htb Writeup
Hackthebox
Htb
Hackthebox Writeup
Hackthebox Walkthrough

--

--

Buğra YELER

Written by Buğra YELER

19 Followers

Security Researcher & Incident Responder

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams