This is the most useless box

Reconnaissance reveals a lot of useless stuff. I am not gonna even bother to put that out here. I went back and checked though. Each one of those services were patched.

One look at the webpage was all it took to root XD.

Public CVE worked for this.

Got a password which was apparently repeating all over.

--

--

This box didn’t Require any reconnaissance since I looked at the home page of the website and knew exactly what was to be done.

nibbleblog has a very cliched RCE which only requires some credentials which I hoped to guess.

--

--

Siddharth Johri

Siddharth Johri

To hack the world, first you need to make coffee