Solved Wgel CTF for Try Hack Me Machine | Wgel CTF

Solved Wgel CTF for Try Hack Me Machine Wgel CTF

Wgel CTF

Today I have solved Wgel CTF for Try Hack Me Machine https://tryhackme.com/room/wgelctf

Wgel CTF

 

Methodology

  • Scanning and Enumeration
  • Exploit
  • Privilege Escalation

 

Wgel CTF

 

  • 1st Configure VPN

Wgel CTF

 

 

  • Then we will start the machine first then we will get the machine Ip.

Wgel CTF

  • Then we will do the first scanning from the IP we will get, then we will scan with Nmap, then we will get only 2 ports open in it, one ssh and the other http

Nmap Command: – nmap -sC -sV -Pn <Machine Ip>

Wgel CTF

  • When we saw the http port open, we directly searched the IP address on the browser and there we got to see the default page of

Wgel CTF

 

 

  • When we didn’t find anything on the ubuntu default page, we looked it up from view source, then we found a user named Jessie.

 

 

Wgel CTF

 

  • Then we searched the directory maybe we can find something in

Directory search command: – dirsearch -u http://<Machine Ip>

 

  • So, we did not find much, then we found the site map more interesting, so we searched the site map

 

  • Then we used the sitemap, then we saw a website, then we looked in the whole website, nothing was

Wgel CTF

 

  • When we did not find anything in the website, then we used gobuster again, then we got its /.ssh name

Wgel CTF

 

  • When we add /.ssh we will see a new page in which we will see the file of id_rsa

Wgel CTF

 

 

  • Then we opened id_rsa then we got to see rsa private

Wgel CTF

 

  • Then we copied the private key, made it nano and made a file named rsa, and pasted the private key in

Wgel CTF

  • Then by doing chmod 600 we gave permission to read and write

Wgel CTF

  • Then we will access the user using ssh, we have given the name of the file by -i so that we can take the password from it and the user, name we already got is jessie and then we have given the machine IP.

Wgel CTF

  • Then we will get access to the

Wgel CTF

 

  • Now we will find the user flag

Find user flag command: – find / -type f -name “user*” 2>/dev/null From this we will know where the user flag is.

  • Now we know where the user flag is, there is a user flag inside the document, so if we go inside the document and do cat user flag, then we will get the

Wgel CTF

  • Now we have to get the root flag, so first we will see who has permissions for root. sudo -l will know who has root permissions. Then we will see wget has root

Wgel CTF

  • Now how can we take wget to gtfobins for privilege escalation

 

Wgel CTF

 

Wgel CTF

  • Before we used the gtfobins command, we opened the net cat so that any response would come on that only. and we got root key on netcat

 

Wgel CTF

Now Our CTF is Complete

This Walkthrough is specially performed, written, and proposed by a brilliant aspirant of Craw Cyber Security Institute for the goal to provide a informational and educational mindsets for all. For more amazing Walkthrough or Consultancies, you can follow on the provided account link. Learn, Research, and Grow!

Name: – Abhishek Kumar

LinkedIn: – www.linkedin.com/in/abhishek-kumar-a994161a0

Kindly Read more articles:

How to Solve Bounty Hacker for tryhackme Machine | TryHackMe

COLDDBOX: EASY VulnHub CTF Walkthrough

Leave a Reply

Your email address will not be published. Required fields are marked *