Skip to main content

Agent SUDO

Box Description

You found a secret Server located under the deep sea. Your task is to hack inside the server and reveal the truth.

NMAP

  • [FTP: 21] [SSH: 22] [HTTP (Apache Web Server): 80]
Nmap scan report for 10.10.2.168
Host is up (0.096s latency).

PORT STATE SERVICE VERSION
21/tcp open ftp vsftpd 3.0.3
22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 2048 ef:1f:5d:04:d4:77:95:06:60:72:ec:f0:58:f2:cc:07 (RSA)
| 256 5e:02:d1:9a:c4:e7:43:06:62:c1:9e:25:84:8a:e7:ea (ECDSA)
|_ 256 2d:00:5c:b9:fd:a8:c8:d8:80:e3:92:4f:8b:4f:18:e2 (ED25519)
80/tcp open http Apache httpd 2.4.29 ((Ubuntu))
|_http-server-header: Apache/2.4.29 (Ubuntu)
|_http-title: Announcement


Content Discovery

  • Page: [IP:80]
  • The Letter Suggests that we use our own Codename as User-Agent. Since the Letter says at the end from Agent: R we can try to FUZZ User-Agent using Alphabet Letters.
Dear agents,    
Use your own "codename" as user-agent to access the site.

From,
Agent R

  • Page: [IP:80/agent_C_attention.php]
  • Through Fuzzing we discover the Accepted Codename: C
  • Examining the Output we can Discover the Username: chris and the Initials of another Agent: J
Attention 'chris',
Do you still remember our deal? Please tell agent 'J' about the stuff ASAP.
Also, change your god damn password, is weak!

From,
Agent R