City lights: Difference between revisions
From Pessin randon wiki
No edit summary |
No edit summary |
||
| Line 12: | Line 12: | ||
===Work in progress=== | ===Work in progress=== | ||
* | *gobuster dir -u http://shared.target05:1234 -w /usr/share/wordlist/dirb/common.txt | ||
* | *gobuster dir -u http://shared.target05:1234/blueberrylogin/ -w /usr/share/wordlist/dirb/common.txt | ||
*gobuster dir -u http://shared.target05:1234/blueberrylogin/admin/ -w /usr/share/wordlist/dirb/common.txt | *gobuster dir -u http://shared.target05:1234/blueberrylogin/admin/ -w /usr/share/wordlist/dirb/common.txt | ||
| Line 26: | Line 26: | ||
===Flag=== | ===Flag=== | ||
===Images=== | |||
[[File:Gobuster.JPG|thumb|Root direcotry gobuster]][[File:City-lights-gobuster-blueberrylogin.JPG|thumb|Blueberrylogin gobuster]] | |||
=== Links=== | === Links=== | ||
*[[CTF Challenges | Back to CTF Challenges page]] | *[[CTF Challenges | Back to CTF Challenges page]] | ||
Revision as of 12:16, 9 September 2022
Description
Light in the city have been turning on and off uncontrollably.
Logs shows access to the controller from strange IP addresses.
Admin have tried to gain access but with no luck.
You as a security expert have been tasked to bypass the login mechanism to read a crucial configuration file that allows engineer to turn light into manual control.
Question
Find the location of the configuration file and bypass login mechanism to read it.
Work in progress
- gobuster dir -u http://shared.target05:1234 -w /usr/share/wordlist/dirb/common.txt
- gobuster dir -u http://shared.target05:1234/blueberrylogin/ -w /usr/share/wordlist/dirb/common.txt
- gobuster dir -u http://shared.target05:1234/blueberrylogin/admin/ -w /usr/share/wordlist/dirb/common.txt
- blueberrylogin/admin/index.html ->
Error on line1: /var/core/config.dat | Invalid paramtere: Flag
Solution
Tools
Gobuster
Flag
Images
