Meow Machine - Hack The Box - Writeup

Pasted image 20230404010814.png

Recon

The first step to pwn the machine is te recon, we launch a nmap scan, I prefer to export the nmap scan to an grepeable file to have a order in the content but is not necessary.

Pasted image 20230404011121.png

Next I use a script in bash devolped by s4vitar and re run a nmap scan but with other parameters to know the service and version that running on the port.

Pasted image 20230404011319.png

An re run the scan with the following parameters:

Pasted image 20230404011520.png

We found Port 23 Open and running Telnet on it.

We attemp a session with Telnet:

Pasted image 20230404011917.png

Try with common users:

Pasted image 20230404011943.png

And the correct user in this case is root

Pasted image 20230404012031.png

First, when you enter to a machine is know who you are with the command whoami:

Pasted image 20230404012258.png

You are the user root, let see in what directory are you are:

Pasted image 20230404012410.png

The last thing is print the flag with the command cat:

Pasted image 20230404012512.png

And Congratulations! You have pwned your First Machine.

Summary

This machine is very easy, good for people new in hacking you learn about a missconfiguration in an insecure protocol like Telnet and how to recognize the services and ports .