TryHackMe

Dig Dug is an Easy level CTF on TryHackMe. It has the following challenge description:

Oooh, turns out, this 10.10.149.70 machine is also a DNS server! If we could dig into it, I am sure we could find some interesting records! But... it seems weird, this only responds to a special type of request for a givemetheflag.com domain?

After running the following dig command, I was able to retrieve the flag.

dig @10.10.149.70 givemetheflag.com

--

--

HackTheBox

Unified is a boot2root machine on HackTheBox. It has “Very Easy” difficulty and is part of starting point challenges.

Enumeration

I started the enumeration phase with an Nmap scan. The following Nmap command will scan all ports of the target as well as using scripts and version enumeration. After the scanner finishes it will output everything in a file called “initial” inside the “nmap” directory.

sudo nmap 10.129.188.46 -p- -sC -sV -oN nmap/initial -vv

The target machine has the following ports open: 22, 6789, 8080, 8443, 8843, 8880. These ports include an SSH server and a web server. On port 8443 the web interface of UniFi network is running. The version of the network is 6.4.54.

That version of the UniFi web interface is vulnerable to CVE-2021–44228.

--

--

Rabbit

Rabbit

161 Followers

Passionate about Cyber Security. I am publishing CTF Writeups and Cybersecurity Content!