If you remember from the nmap scan we have a port 7331 open and it was protected with Basic Authentication.
#Matrix 3 password
Upon cracking the hashed password using online tool hashkiller, we found the password as passwd. We downloaded the file secret.gz and found that it’s actually a txt file and is containing the username and password.
#Matrix 3 movie
So after trying multiple combinations we used our little brain more aggressively and made a combination of n/e/o/6/4, neo is the name of the actor in the Matrix movie and 64 number is I guess favourite number of the creator of this VM because he is using it everywhere. So we used Matrix in the URL as shown in the image below and it worked for us.įrom the contents of the directory Matrix, we understood that we have to make a right combination of the alphanumeric to go ahead. Then upon looking at the file name properly we found out that the name of the file is itself giving us the path forward. We first opened this image but didn’t find anything of our use. We opened the assets directory in the browser and found an image file named Matrix_can-show-you-the-door.png under /assets/img/ URL. dirb Īfter brute-forcing with dirb, we found a directory named /assets
So we used dirb for directory enumeration. nmap –p- –A 192.168.1.104Īs we can see port 80 is open, we tried to open the IP address in our browser but we didn’t find anything useful on the webpage. We found that port 80 is open, SSH is running on port 6464 and port 7331 is open on the target machine. We can identify our host IP as 192.168.1.104 by using Netdiscover. Let’s start of by scanning the network and identifying the host IP address. Security Level: Intermediate Penetrating Methodology: The credit for making this VM machine goes to “Ajay Verma” and it is another boot2root challenge where we have to root the server and capture the flag to complete the challenge. Today we are going to take another CTF challenge from the series of Matrix.