HTB CTF 2024 - Vault Of Hope - Coding - Computational Recruiting Solution

The crew hacks into an abandoned fertilizer plant's network, searching for the password to gain full access to a crucial control device.

Started hacking the OSCP playground box and connected with learning music. Found an open FTP port and logged in anonymously. Discovered an SSH ID file for Hannah and downloaded it. Set proper permissions and connected to Hannah's shell. Found user.txt file.

The given target is 192.168.186.23. Recon reveals open ports and services including SSH and HTTP. Dirbuster identifies directories. The main site has an admin login page. Using a hydra command, admin:admin login credentials are found. A search for exploits leads to an arbitrary file upload to RCE vulnerability. A shell is obtained. Privilege escalation is performed by upgrading the shell, running linpeas, and finding the root password. Access is gained as root. Proof.txt contains the proof.

The text provides information about scanning an IP address and discovering open ports including FTP, SSH, and HTTP. It also identifies a WordPress site and conducts a password attack to gain access. A reverse PHP shell is used to modify a page. A local privilege escalation vulnerability is exploited and a kernel exploit is compiled and sent to the target, but it cannot be executed due to library mismatch. Linpeas is transferred and run, revealing the WordPress database credentials. The root password is cracked and the proof.txt file is accessed.

Scan results indicate open ports on target IP 10.10.55.49 with potential vulnerabilities. Exploits for known vulnerabilities were searched using msfconsole and a payload was set for Windows. Delivery and privilege escalation steps were performed successfully.