
Sws101_ctfjournal6

TryHackMe Room: Anthem

Task1: Website Analysis

Let’s run nmap and check what ports are open.

We discovered two open ports: 80 and 3389.

What port is for the web server?

ANS: 80

What port is for remote desktop service?

ANS: 3389

Since port 80 is open, let’s check what is there on the website.


What is a possible password in one of the pages web crawlers check for?

Checking the /robots.txt file.

ANS: UmbracoIsTheBest!
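
An added example (not part of the original walkthrough): a small Python check a site owner could run over their own robots.txt to catch what this question relies on, free text such as a password sitting in a file every visitor can fetch. The sample file, the `audit_robots` name and the field list are assumptions made for illustration.

```python
# Field names from RFC 9309 plus widely used extensions (assumed list).
KNOWN_FIELDS = {"user-agent", "disallow", "allow", "sitemap", "crawl-delay", "host"}

# Constructed sample for illustration; not the file served by the room's target.
SAMPLE_ROBOTS = """\
ExamplePassw0rd!

# Use for all search robots
User-agent: *

Disallow: /bin/
Disallow: /config/
Disallow: /admin-backup/
"""


def audit_robots(text):
    """Return (stray_lines, disclosed_paths) for a robots.txt body."""
    stray, disclosed = [], []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not line:
            continue
        field, sep, value = line.partition(":")
        name = field.strip().lower()
        if not sep or name not in KNOWN_FIELDS:
            # Not a directive: free text here is served to every visitor.
            stray.append((lineno, line))
            continue
        if name == "disallow" and value.strip() not in ("", "/"):
            # Disallow hides nothing; it only tells readers the path exists.
            disclosed.append((lineno, value.strip()))
    return stray, disclosed


if __name__ == "__main__":
    stray, disclosed = audit_robots(SAMPLE_ROBOTS)
    for n, s in stray:
        print(f"line {n}: not a robots directive, review for leaked data: {s!r}")
    for n, p in disclosed:
        print(f"line {n}: path advertised to anyone who reads the file: {p}")
```
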

What CMS is the website using?

The server is running Umbraco CMS.
ANS: Umbraco

What is the domain of the website?

The website itself mentions the domain anthem.com.
ANS: anthem.com

What’s the name of the Administrator?

On this page, there is a poem written for the administrator. I copy-pasted that poem into Google and got the admin name.

ANS: Solomon Grundy

Can we find the email address of the administrator?

The email for Jane Doe is JD@anthem.com, so for the admin Solomon Grundy it will obviously be SG@anthem.com.
ANS: SG@anthem.com

Task2: Spot the flags

Our beloved admin left some flags behind that we require to gather before we proceed to the next task…

Answer the questions below.

Let’s answer this question by reading the hint.

What is flag 1?

Hint{Have we inspected the pages yet?}
Oh, let’s inspect the pages. After brute-forcing each page, I got the flag on the hiring page.

ANS: THM{L0L_WH0_US3S_M3T4}

What is flag 2?

Another flag is on the hiring page.


ANS: THM{G!T_G00D}

What is flag 3?

Hint{Profile}
Let’s check the profile.

ANS: THM{L0L_WH0_D15}

What is flag 4?


ANS: THM{AN0TH3R_M3TA}

Task3: Final stage

Let’s get into the box using the intel we gathered.

Answer the questions below.
Let’s figure out the username and password to log in to the box. (The box is not on a domain.)

Gain initial access to the machine, what is the contents of user.txt?

As we already know, the remote desktop port 3389 is open, so we use the credentials we already found to log in.
Username — SG
Password — UmbracoIsTheBest!

The command is: rdesktop -u SG -p UmbracoIsTheBest! 10.10.206.13

Wow, the Windows desktop opens, and there is also a user file.

ANS: THM{N00T_NO0T}

Can we spot the admin password?

Hint{It is hidden.}
There is a backup folder that has the password required to access the Administrator folder.


ANS: ChangeMeBaby1MoreTime

Escalate your privileges to root, what is the contents of root.txt?

ANS: THM{Y0U_4R3_1337}

That’s it for the Anthem room. See you guys in the next TryHackMe room walkthrough.

This post is licensed under CC BY 4.0 by the author.
