I believe this is the same author as Sumo.  The box states that it's "Beginner to Intermediate", the object is:  "Get the root shell i.e.(root@localhost:~#) and then obtain flag under /root)." and I'm glad I went back to read that because you don't need to elevate root to get the flag.  It also states:  "Warning: Be careful with "rabbit hole" -- not really sure exactly about that part.  Anyway, fun box so let's jump into it:

    "Burp Suite is a leading range of cybersecurity tools, brought to you by PortSwigger. It's the #1 tool suite for penetration testers and bug bounty hunters."

    When I write my posts, I like to use free tools because most of the free stuff is pretty awesome.  That being said, of the pay products, it's really hard to go wrong with Burp Suite Pro.  I think with the exception of some throttling, the pro version and free version are similar but at $400, it's not an expensive product for a business. 

    The description states that the box is "Beginner" and "Get the root shell i.e.(root@localhost:~#) and then obtain flag under /root)."  I don't want to put too much information up front but if you haven't been hacking for long, this is a blast from the past with a neat entry. 

    We kick off with Nmap:

    So I found this new CTF hacking site, TryHackMe.  At first glance, it seems like a tamer version of HackTheBox.  I took a quick look around, hacked the first box, and now I'm paying the $10/month for my subscription because it was a good experience and I want to encourage them to grow this with my piddly $10.  The first box on the list is Tomghost so you sort of know where this is headed based on the Ghostcat logo.  If not, I don't go into detail because I just wrote about Ghostcat so you can get my full thoughts from that post.

    The description states:  "Identify recent vulnerabilities to try exploit the system or read files that you should not have access to."  So it's generic but we'll just do our normal routine.  Kicking off with Nmap:

    I've written a few things about Empire in the past but sometime around July of last year (I think), they stopped maintaining the project.  Then BC Security picked it up and moved the ball forward again.  I liked Empire because it's simple, no nonsense, and it worked.  That said, it wasn't as stealthy as some other C2 frameworks and it was unreliable when it came to evading antivirus.  When the new project came to light, I wanted to take a look but at the same time, I questioned whether or not I'd run into the same issues.  By necessity, I needed to test Empire for something I'm working on so I fired up the new project.

    Page 6 of 59

    © 2020 sevenlayers.com