Advent of Cyber 2022 [Day9]-Pivoting | Dock the halls — Short Writeup and Walkthrough
Advent of Cyber 2022 [Day9]-Pivoting | Dock the halls Writeup and Walkthrough Task 14 Answers by Karthikeyan Nagaraj
1. Deploy the attached VM, and wait a few minutes. What ports are open?
Perform a Port Scan with Nmap
Ans: 80
2. What framework is the web application developed with?
Open the <Machine-Ip> in a Browser, At the Bottom it will display the String Laravel
Ans: laravel
3. What CVE is the application vulnerable to?
Ans: CVE-2021-3129
4. What command can be used to upgrade the last opened session to a Meterpreter session?
Ans: sessions -u -1
5. What file indicates a session has been opened within a Docker container?
What is Docker?
Docker is a way to package applications, and the associated dependencies into a single unit called an image. This image can then be shared and run as a container, either locally as a developer or remotely on a production server. Santa’s web application and database are running in Docker containers, but only the web application is directly available via an exposed port. A common way to tell if a compromised application is running in a Docker container is to verify the existence of a /.dockerenv
file at the root directory of the filesystem.
Ans: /.dockerenv
6. What file often contains useful credentials for web applications?
env file contains the individual user environment variables that override the variables set in the /etc/environment file.
Ans: .env
7. What database table contains useful credentials?
Ans: users
8. What is Santa’s password?
use auxiliary/admin/postgres/postgres_sql
run postgres://postgres:postgres@<MACHINE_IP>/postgres sql='select * from users'
We got the Passwords!!
Ans: p4$$w0rd
9. What ports are open on the host machine?
Ans: 22,80
10. What is the root flag?
Thank you for Reading!!
Happy Hacking ~
Author: Karthikeyan Nagaraj ~ Cyberw1ng
Queries:
THM , TryHackMe , TryHackMe Advent of Cyber 2022 , TryHackMe Advent of Cyber 4 Day 9, Ethical Hacking , Write up , Walk through , TryHackMe Advent of Cyber 2022 Day 9 Answers