CAP Machine Walkthrough

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

Hi, This is a simple walkthrough of the CAP machine in HTB.

First I started scanning with Nmap:

nmap -sC -sV 10.10.10.104

This gave me no results. Then I browsed the web application and came to know that the application have Pcap analysis where everything showed 0. I tried changing values like 1,2,3 and tried 0 in the URL and got the values changed and I then downloaded the Pcap file and analysed it through Wireshark.

It had an ssh username and password open. I used it to connect it through ssh.

ssh nathan@10.10.10.245

I logged in here and listed the directories and files using the ls command and got to know that the flag is in cat user.txt and submitted the user flag.

Then used this python command to get root access.

python3.8 -c ‘import os; os.setuid(0); os.system(“/bin/bash”)’

Then I go to the root directory and get the root flag.

Thanks for reading.

CAP Machine Walkthrough was originally published in InfoSec Write-ups on Medium, where people are continuing the conversation by highlighting and responding to this story.

Read the article