Hi,
I’m stuck with the Flag 3 and 4 of the CTF. I’ve tried to enumerate the system and found that it uses werkzeug 3.1.3 but I cannot reach the console page. I’ve also tried to brute force the ssh but without results.
Could someone help me with some suggestions?
@AlexisA Can you please help me?
Thank you
Hi,
There’s a libssh_auth_bypass metasploit module that you can use to gain access.
Use the libssh_auth_bypass module in Metasploit but make sure to show the info for the module. You have to set the SPAWN_PTY true for the module to work correctly along with the RHOSTS IP. I’m stuck on Flag 4 & escalating the privileges. I have access to the /etc/shadow file but it’s taking forever to crack the yescrypt hash of the root user. Am I going about this the right way?
Forget about password cracking, look closely at all the files you have access to, specially in the /home folder, that’s the hint.
Got it! Thank you for the direction on this one!