HackTheBox — Meow

Meow is boot2root CTF on HackTheBox. It has the difficulty “very easy” and is part of the Tier 0 starting point machines.

Enumeration

I’ve started with a Nmap scan with the following parameters:

sudo nmap -p- 10.129.1.17 -sC -sV -oN nmap/initial

This will scan all ports on the target, as well as invoke scripts and version enumeration. Finally it will output the results into “intial”-file in “nmap” directory.

After running Nmap, there was only one port open. Port 23 was serving Telnet:

Connecting

I have used “telnet” command to connect to port 23:

telnet 10.129.1.17

After connection you have to type in a username and password.

I have used the username “root” and an empty password. This granted me a root shell on the target. Finally I was able to read the root flag.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store