Cap | Hack The Box | Write-up

Banner of Cap — Hack The Box
Source : Hack the Box official website

Hello there!!

Welcome back to another blog. In this post I will solve “Cap”, a vulnerable machine on Hack The Box which was released on 5 June 2021.

So let's start by running an Nmap scan on the target IP…

Nmap scan
Source : my device

The Nmap results confirm that 3 ports are open: port 21 (FTP), port 22 (SSH) and port 80 (HTTP).

Since HTTP is the largest attack surface, it is recommended to look at it first…

Homepage of website
Source : my device

This is the default homepage of the website. You can see that there’s a column on the left side of the website, “Security Snapshots (5 Second PCAP + Analysis)”. We can get some juicy information from there, so let's click on it…

Source : my device

You can see that there is an option to download the PCAP file; download it to your local machine… Make sure to change the parameter to 0, or use:

http://ip_add/data/0
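The weakness that makes this step work is an object reference in the URL that is served without checking who is asking. The sketch below is an added example, not the application's own code: `CaptureStore`, its methods and the sample users are hypothetical, and it assumes captures are numbered sequentially as the `/data/0` URL suggests. It puts that behaviour beside a handler that checks ownership on every request.

```python
import secrets

class CaptureStore:
    """Hypothetical in-memory store: capture id -> (owner, pcap bytes)."""

    def __init__(self):
        self._by_id = {}

    def add_sequential(self, owner, data):
        # Weak pattern: ids are "0", "1", "2", ... and trivially guessable.
        cid = str(len(self._by_id))
        self._by_id[cid] = (owner, data)
        return cid

    def add_random(self, owner, data):
        # 128-bit random id: defence in depth, not a replacement for the check.
        cid = secrets.token_urlsafe(16)
        self._by_id[cid] = (owner, data)
        return cid

    def fetch_vulnerable(self, cid):
        # Serves whatever id is in the URL, whoever is asking.
        entry = self._by_id.get(cid)
        return (200, entry[1]) if entry else (404, b"")

    def fetch_hardened(self, session_user, cid):
        # Ownership is checked on every request; the id alone grants nothing.
        entry = self._by_id.get(cid)
        # Same answer for "no such capture" and "not yours", so the
        # endpoint cannot be used to learn which ids exist.
        if entry is None or entry[0] != session_user:
            return (404, b"")
        return (200, entry[1])

def demo():
    store = CaptureStore()
    # Constructed sample data; user names are placeholders.
    other = store.add_sequential("user_a", b"constructed-capture-a")  # id "0"
    mine = store.add_sequential("user_b", b"constructed-capture-b")   # id "1"
    return {
        "vulnerable_other": store.fetch_vulnerable(other)[0],
        "hardened_other": store.fetch_hardened("user_b", other)[0],
        "hardened_own": store.fetch_hardened("user_b", mine)[0],
        "hardened_missing": store.fetch_hardened("user_b", "99")[0],
    }

if __name__ == "__main__":
    print(demo())
```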

Now let's open the PCAP file in Wireshark and analyze it…

FTP credentials
Source : my device

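Here we got the login credentials of the FTP user. FTP sends the username and password in cleartext, which is why they are readable in the capture…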

nathan : Buck3tH4TF0RM3!

Log in to FTP using the creds above…

Log-in FTP
Source : my device

We got the user flag or user.txt

User flag : f48271872b352ced2e9d88e3448441df

SSH was also running, so let's log in using the FTP creds which we got earlier…

Log-in SSH + Root privilege + Root flag
Source : my device

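Login was successful, and we also got root privileges by running:

python3 -c 'import os; os.setuid(0); os.system("/bin/sh")'

For a non-root user, os.setuid(0) only succeeds when the process holds the CAP_SETUID capability, so python3 on this machine must be able to obtain it.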

Root flag : 8c77dce57fd3b13f5194ce16360c7598

Thanks for reading.

For any queries, just DM me on Instagram @ig._.anshu

Just a 15-year-old cybersecurity enthusiast 👾