Box Info
  • Name:Cap
  • OS: Linux
  • Difficulty: Easy
  • IP: 10.10.10.245
Cap box image

Setup

mkdir -p ~/ctf/HackTheBox/cap/scans; cd ~/ctf/HackTheBox/cap IP Address: 10.10.10.245

echo "10.10.10.245 cap.htb" | sudo tee -a /etc/hosts 10.10.10.245 cap.htb

Enumeration

nmap -sC -sV -Pn -p- cap.htb -oN scans/nmap -vv nmap -sC -sV -p- -T5 --min-rate 2500 -oN scans/nmap_2 cap.htb

user flag

When Navigating to home page http://cap.htb/ it would show as follows:

When Capturing the request for Security Snapshot (5 Second PCAP + Analysis):

It would show as follows:

Notice the one parameter when changed to 0 would show a new traffic capture and on opening pcap file we found sensitive data:

Credentials found for FTP & ssh: Username:nathan Password:Buck3tH4TF0RM3!

logging in ftp using these creds

Location: ftp | Flag: de1##################################

root flag

Location: /root | Flag: 7a3##################################