Skip to main content

ME AND MY GIRLFRIEND: 1 Walkthrough

 ME AND MY GIRLFRIEND: 1 Walkthrough

Description: This VM tells us that there are a couple of lovers, namely Alice and Bob, where the couple was originally very romantic, but since Alice worked at a private company, "Ceban Corp", something has changed from Alice's attitude towards Bob like something is "hidden", And Bob asks for your help to get what Alice is hiding and get full access to the company!


Difficulty Level: Beginner

Notes: there are 2 flag files

Learning: Web Application | Simple Privilege Escalation | uses of Burp Suite | Unix Commands

Machine Download Link: https://www.vulnhub.com/entry/me-and-my-girlfriend-1,409/

Tools: 

  1. Raccoon

  2. Nikto

  3. Burp Suite

  4. NMAP

  5. Dirb

After downloading the ova file, I imported in Oracle virtual machine, then started my kali machine and my target machine(ME AND MY GIRLFRIEND: 1).

Step 1: At first, search my target machine using this command "sudo arp-scan -l."


As we saw the result, I found my target machine's IP, the bold yellow mark. 

Step 2: we are using a command for enumeration advance search command, so for this, we are using this command "sudo raccoon -d -f 192.168.0.118"



In the above, we can see we found some directories which one is 200,301 services.

Step 3:  As we can see, the 80 port is open, so we search for the IP on the browser.

Here we found some hints, so let's find out the clues, and for this, we are using a  burp suite. 

Step 4: For this, we are using a burp suite and adding this line in proxy=> options

Step 5: After this, we bypass the page and find a new page. Let's register and login the page 




After Successfully login the page we found a new page and click on the profile.
Step 6: When clicking on the profile, the data caught from the burp suite and sent the data in the repeater and change the user id and find the user with the password.
Step 7: After getting a username and password, we log in through the ssh port and successfully login with the ssh port.

We got one flag from this, and let's hunt the flag 2. So for this, we have to type in the command prompt “sudo -l” and type some commands 

Variable-“/bin/bash”

Sudo /usr/bin/php -r “system(‘$variable’);”

Cd /root

Ls

Cat flag2.txt

Comments

Post a Comment

Popular posts from this blog

Kali Linux Basic Commands with FileSystem

Kali Linux  is a distribution of Linux specifically designed for penetration testing. It has hundreds of tools preinstalled, saving you the hours it would take to download and install them yourself. Directory is the same as a folder in Windows. A directory provides a way of organizing files, usually in a hierarchical manner.  Home Each user has their own /home directory, and this is generally where files you create will be saved by default.  root Like nearly every operating system, Linux has an administrator or superuser account, designed for use by a trusted person who can do nearly anything on the system. Script is a series of commands run in an interpretive environment that converts each line to source code.  Shell  is an environment and interpreter for running commands in Linux. Terminal is a command line interface (CLI). The Linux Filesystem The Linux filesystem structure is somewhat different from that of Windows. Linux doesn’t have a physical drive (suc...
Post a Comment
Read more

Vulnerability Assessment and Penetration Testing(VAPT)

   What is a Vulnerability Assessment? A vulnerability assessment is a periodic review of security weaknesses in an information system. It estimates if the system is susceptible to any comprehended vulnerabilities, allocates severity levels to those vulnerabilities, and suggests remediation or mitigation , if and whenever required. Also, using  a risk-based method, vulnerability assessments may target different layers of technology and systems, the most common being host-, network, and application-layer, the infrastructure of network reviews. There are several types of vulnerability assessments. These include: Host-based assessment – The review of critical servers, which may be vulnerable to attacks if not adequately tested or not generated from a tested machine image. Network and wireless assessment – The assessment of policies and practices to prevent unauthorized access to private or public networks and network-accessible resources. Database assessment – The assess...
Post a Comment
Read more