VulnHub — NULLBYTE: 1 — Part 1

Description

Codename: NB0x01

Download: ly0n.me/nullbyte/NullByte.ova.zip

Objetcive: Get to /root/proof.txt and follow the instructions.

Level: Basic to intermediate.

Description: Boot2root, box will get IP from dhcp, works fine with virtualbox&vmware.

Hints: Use your lateral thinking skills, maybe you’ll need to write some code.

Links https://www.vulnhub.com/entry/nullbyte-1,126/

Step1. 首先準備攻擊機跟靶機,並設置NAT。

Step2. 透過下方指令得知網段在 10.0.2.0/24

sudo ifconfig

Step3. 利用netdiscover掃描網段

sudo netdiscover -r 10.0.2.0/24

Step4. 可疑的有2.3與2.15,以nmap掃描這幾個IP。

nmap -sV 10.0.2.15

Step5. 發現80port 有開,顯然有個Web Server!

今天就先到這裡,我們目前使用了nmap、discover、nettools等工具。

--

--

--

NTUT CSIE | Biomedical Informatics Lab | github.com/stwater20 | sectools.tw

Love podcasts or audiobooks? Learn on the go with our new app.

Django, AJAX: Like and Upvote button on listview solved in 5 simple steps.

Which Backend Framework Is Right for Your Project?

Vue Native Starter Kit with Validation and State Management

May 4: Building a PostgreSQL API in JavaScript with Express and Sequelize (Part 1)

State of React uncontrolled forms in 2022

The full form of this demo

Step-by-step guide on creating and publishing a Vue.js plugin.

Is Javascript Synchronous or Asynchronous?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
ryan.chen

ryan.chen

NTUT CSIE | Biomedical Informatics Lab | github.com/stwater20 | sectools.tw

More from Medium

Exploitable CTF 1 Writeup

Advent of Cyber 3 (2021)-Day 3

Top 10 of the most useful commands on bash (for beginners)

Advent of Cyber 3: [Day 1] Save The Gifts