I am working through a closed / private CTF.
I am not looking for someone to tell me any answers straight up, as that won't help me learn!
But any advice for the following would be greatly appreciated.
There are 8 Challenges, so far, I have completed 5 of them with just 3 remaining.
These 3 involve reading some information on a git, finding a hidden key to then ssh into an Amazon Linux box as a user jmpbox
Challenge 5: Get yourself a real shell and find the flag.
There does not look to be many commands I can run on here, running 'help' gives me:
Documented commands (use 'help -v' for verbose/'help <topic>' for details): =========================================================================== connect exit health_check help history list List just gives me a bunch of IP addresses with locations that are all offline (IP Addresses only masked for this post):
JMP BOX:>list x.x.x.x | US | (Offline) x.x.x.x | US | (Offline) x.x.x.x | US | (Offline) x.x.x.x | DE | (Offline) x.x.x.x | NL | (Offline) x.x.x.x | US | (Offline) JMP BOX:> Challenge 6: What is the contents of the .flag file in the /root directory
I think I would be ok with this one once i figure out how to get full shell on the server
Challenge 7: Find the key hidden in the ASCII Art after completing "Challenge 5"
Not sure if the art will be different once I login to the full shell but this is what I am given when i login with what I have:
__-------__ / \n | | / @ @ \n __(__ <> __)__ __\_ _/__ \ |-__|__-| / | | | | \| |/ \ \ \ \/ / / / \ \ \/ / / \ \ / / 87 69 57 83 73 68 77 103 83 108 100 78 81 108 100 75 84 69 49 52 87 109 120 50 88 71 53 50 99 72 100 99 90 72 100 108 98 70 120 118 90 110 66 119 88 71 112 116 88 71 116 109 89 109 57 (>*-*)> 51 97 51 52 61 <(*-*<) ^(^.^)^ ^(^.^)^ ^(^.^)^ ^(^.^)^ ^(^.^)^ ^(^.^)^ ^(^.^)^ If anyone has some pointers on how to move forward in this, I would be so grateful!
[link] [comments]
from hacking: security in practice https://ift.tt/do8SXcO
Comments
Post a Comment