TryHackMe- Kenobi CTF Writeup (Detailed)

Published in

InfoSec Write-ups

8 min readDec 4, 2020

Welcome folks!!
We are going to do Kenobi CTF on TryHackMe.
This room is part of the Offensive Pentesting Learning Path and it will teach you about Samba, SMB share enumeration, ProFTPD manipulation, NFS enumeration, mounting NFS drives, gaining access and lastly privilege escalation with Path Variables using SUID binaries. It is a super-fun room.

CTF Link:

TryHackMe | Kenobi

Walkthrough on exploiting a Linux machine. Enumerate Samba for shares, manipulate a vulnerable version of proftpd and…

tryhackme.com

CTF Created By:

TryHackMe | tryhackme

TryHackMe is an online platform for learning cyber security, using hands-on exercises and labs!

tryhackme.com

Create a directory of your CTF machine and a directory for Nmap to store your Nmap scan output.

Let’s dive in!! Enjoy the flow!!

Task 1- Deploy the vulnerable machine:

Deploy the machine. The easiest task of them all 😄.

Make sure you’re connected to our network and deploy the machine
Ans: No answer needed

Nmap Scan :

nmap -sC -sV -p- -oN nmap/kenobi <TARGET_IP>
-sC : Default scripts
-sV : Version detection
-oN : Output to be stored in the directory ‘nmap’ you created earlier
-p-: All ports to scan