Hack the Nightmare VM (CTF Challenge)
Today we are going to solve Wallaby’s Nightmare CTF which is a new VM challenge of vulnhub where attacker has to achieve root flag of the targeted VM machine; you can download it from here.
LET’S BEGIN!
As we always start from network so that we can have target IP. In your kali Linux open the terminal and type netdiscover, now from screenshot you can see list of IP. Here 192.168.0.101 is my target IP.
Enumerate the target through aggressive scan; type following command for nmap scanning:
nmap -p- A 192.168.0.101
So here I found three ports 22, 80, 6667 are open.
Since port 80 is open I look toward browser and explore target ip 192.168.0.101 where I found a comment “enter a username to get started with this CTF” then I type the name “RAJ” and click on submit so that we could move forward into start the game.
When I clicked on submit tab it linked to next web page where you can read the assign username for this CTF from screenshot now we can start this CTF when we will click on given link start the CTF!
Next web page open with exclusive warning that Mr. Wallaby found raj is trying to penetrate inside the server so user “raj” is under his observation. Then soon after reading this threat I observe at its URL I thought it might be vulnerable to etc/passwd same as LFI attack.
Then I try browse following in URL 192.168.1.101/?page=/etc/passwd though the web page stand up with raw data but nothing was quite useful in this web page. And when I refresh it I lose connection from port 80. As raj was threaten by Wallaby 😉
Again I move toward nmap so that I can make sure about port 80 but here I found a new port 60080 is open for http service as you can perceive this thing from given screenshot.
Then I next my next tool dirb
Dirb http://192.168.0.101:60080/?page=
Now from screenshot you can see the result and currently we will look toward highlighted directory.