DefCamp 2014 – Network 100 –

You were given an IP address and a HINT similar to guests are always allowed but the manager has a secret what is it.

SSH access was open for user guest password guest.

Once in you see a toolkit directory with tcpdump in it.

tcpdump -l -A | egrep -i ‘secret’
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
user=manager&pass=asecret
user=manager&pass=topsecretmanagerpassword
The secret is behind <strong>0f388689dc4728cfde0de9a1ee47c8d3</strong>. Don’t tell anyone!

an MD5 of  0f388689dc4728cfde0de9a1ee47c8d3 gives you the flag

FLAG:  ididyourmom

Posted on October 20, 2014, 6:10 am By
Categories: Main