Difficulty: ♦
Tags: Telnet | Network | Protocols | Reconnaissance | Weak Credentials | Misconfiguration
Series: Starting Point
Very Easy box, so much so that it should not take you more than 5 minutes. This box is pointed toward a misconfiguration on Telnet, allowing us to use the root as the user without having to provide a password. This box and series are formatted like TryhackMe, where you answer a question until you get to the flag.
FYI: Telnet is an outdated protocol that should not be used as we have better and more secure protocols like SSH. One of the most significant disadvantages of Telnet is that anyone sniffing the traffic can see communication in clear text. Let’s begin!
TASK 1
What does the acronym VM stand for?******* ******e
- Virtual Machine
TASK 2
What tool do we use to interact with the operating system in order to issue commands via the command line, such as the one to start our VPN connection? It’s also known as a console or shell.*******l
- Terminal
TASK 3
What service do we use to form our VPN connection into HTB labs?******n
- OpenVPN
TASK 4
What is the abbreviated name for a ‘tunnel interface’ in the output of your VPN boot-up sequence output?***
- tun
TASK 5
What tool do we use to test our connection to the target with an ICMP echo request?***g
- ping
TASK 6
What is the name of the most common tool for finding open ports on a target?***p
- nmap
TASK 7
What service do we identify on port 23/tcp during our scans?*****t
- Telnet
TASK 8
What username is able to log into the target over telnet with a blank password?***t
- root
Use command:
telnet <target_machine_IP> 23 -l root
SUBMIT FLAG
Submit root flag********************************
Observe: root@Meow
Commands:
ls
cat flag.txt
- b40abdfe23665f766f9c61ecba8a4c19