Munirah Binte Mohamad
Enumerate the machine and get all the important information.
Qn1. How many open ports?
nmap -sC -sV -A -Pn <Target IP Address>
-sV : Get the version of the services running on the ports.
-A: Detect OS and Services
-Pn: Scan port numbers (It was redundant, in this case)
Answer: 3
**Qn2. How you redirect yourself to a secret page? **
Since port 90 is open, it means we can access the HTTP of the IP Address. Thus, open up a browser and enter the ip address of the target machine.
Answer: User-Agent
Qn3. What is the agent name?
We know that Agent R exist. So, let's try finding Agent's R homepage.
-A : Identify User-Agent string
-L / -v : Verbose information (Long vers. information)
Alright, at least we managed to get Agent R's page. Since the agent's names are in letters, we should try all 26 alphabets until we find something.
I tried A and B but it produces the same body context as R. But, C produced a different result.
Answer: Chris
Done Enumerating the machine? Time to brute your way out.
Qn1. FTP password
Using Hydra to brute force the FTP login.
hydra -l chris -P /usr/share/wordlists/rockyou.txt -vV <Target IP Addr> ftp
Use the command below to access the FTP Server.
ftp <Target IP Addr>
After gaining access to the FTP Server, use the following command to download the file to your local computer current directory.
mget <file name>
Repeat the same steps for the other 2 files to download them to your local directory.
Once the files have been download, read the "To_agentJ.txt".
Qn2. Zip File Password
Form the textfile above, we know that the password is stored in either one of the pictures. Use the binwalk command to check if there is anything in the pictures.
It seems like cutie.png has a zip data compressed in the file. Thus, to extract the files within the PNG file, we can sue the binwalk command.
When I tried to unzip the file using the unzip command, it failed because the zip file was encrypted. Therefore, I decided to use zip2john to read the hash and use the john command to crack the hash.
Once the password has been revealed, use the following command to extract the secret text file in the picture.
Read the secret file.
It seems like the word is encrypted, I decided to decode it using base64 and it works!
To check for information on the secret file in the picture, use the command below.:
Since it has been confirmed that there secret file is inside, use the command below to extract the secret file from the JPG file.
Qn4.Who is the other agent (in full name)?
Qn5. SSH password
QN1. What is the user flag?
// ForgTask 5ot to tae the picture of user cat
cat user-flag.txt
Qn2. What is the incident of the phot called?
