Exploit Exercises Nebula 5: Level 08 Write Up

Exploit Exercises Nebula 5: Level 08 Write Up

Level: https://exploit-exercises.com/nebula/level08/

World readable files strike again. Check what that user was up to, and use it to log into flag08 account.

To do this level, log in as the level08 account with the password level08. Files for this level can be found in /home/flag08.

What’s that capture.pcap? Lets load that in Wireshark.

Lets open our Kali VM.

Open capture.pcap in Wireshark.
Right click on the first entry, mouse over Follow and click on TCP Stream.

screen-shot-2016-09-20-at-1-26-17-pm

This shows us some useful information.
screen-shot-2016-09-20-at-1-28-55-pm

backdoor…00Rm8.ate

It looks like an authentication prompt. If we select HexDump and look closer we can see those dots are actually the \x7D ASCII charature called DEL for Delete.

The password then should be:
backdoor
backd
backd00Rm8
backd00Rm
backd00Rmate

Lets try login to flag08 with the password of backd00Rmate and run getflag

You have successfully executed getflag on a target account.

Leave a Reply

Your email address will not be published. Required fields are marked *