WINJA CTF: SSH
Hello everyone, here is another day, another quiz by WinjaCTF.
I also answered the first quiz by WinjaCTF. Check it out here.
Today’s Challenge link — https://twitter.com/Winja_CTF/status/1353587253054869504
From the photo, we can find 3 important things — 54.235.17.69 (an IP address), John (maybe a user), and john1234 (maybe a password).
So, I tried to ssh to the given IP, and guess what I got access to the machine.
Then, I checked what are the files present in the user’s directory. I found a strange file — lin.sh. On further checking it, I understood that it was linpeas.sh script, i.e., Linux Privilege Escalation Awesome Script.
On executing it, I found a file “/usr/bin/fmt” with SUID permissions owned by “ec2-user” user.
So, I thought that flag may be present in the “ec2-user” directory. And I was right.
This was an easy challenge. Thanks for reading…