Hack the Box – Fawn

# Information:

Platform Name: Hack the Box

Machine Challenge: Fawn

Machine Status: Starting Point

Challenge Level: Very Easy

# Used Tools:

  • Unix
  • nmap
  • ftp
  • terminal
  • cat
  • ls

# Challenge Description:

This challenge has a list of questions that need to be answered in order to retrieve the flag. We will answer every question.

# Writeup:

Task 1:

What does the 3-letter acronym FTP stand for?

Answer: The 3-letter acronym FTP stand for File Transfer Protocol. This protocol is used to transfer files from one computer to another.


Task 2:

Which port does the FTP service listen on usually?

Answer: The FTP service listen on port 21.


Task 3:

What acronym is used for the secure version of FTP?

Answer: The acronym used for the secure version of FTP is SFTP (or Secure File Transfer Protocol). This protocol uses secure shell encryption. In this way the transfer and reception of files is more secure, (Precisely, nd.).


Task 4:

What is the command we can use to send an ICMP echo request to test our connection to the target?

Answer: To test our connection to the target we use the ping tool.

Ping sends an Internet Control Message Protocol (aka ICMP) echo request to the target host, and waits for an ICMP echo reply. If there’s a connection we will receive the following:

Image 1

Task 5:

From your scans, what version is FTP running on the target?

Answer: The version was vsftpd 3.0.3.

After knowing that the target was connected and reachable via the command ping, I scanned the target with nmap. For that I used the following command:

nmap <your_IP_here>

With nmap I could retrieve important information for instance the version of the FTP, the OS type, etc. You can see that on the image 2.

Image 2

Task 6:

From your scans, what OS type is running on the target?

Answer: As you can see in the image 2, the OS type is Unix.


Task 7:

What is the command we need to run in order to display the ‘ftp’ client help menu?

Answer: The command to display the ‘ftp’ help menu is:

ftp -h

You can see more information about ftp commands here.


Task 8:

What is username that is used over FTP when you want to log in without having an account?

Answer: The username is anonymous. You can see this in the image 2 where the ftp-anon says that anonymous users can login.

To login I used the following command:

ftp <your_IP_here>

image 3

Task 9:

What is the response code we get for the FTP message ‘Login successful’?

Answer: 230. You can see this code in the image 3.


Task 10:

There are a couple of commands we can use to list the files and directories available on the FTP server. One is dir. What is the other that is a common way to list files on a Linux system?”

Answer: The other command is:

ls

Image 4

Task 11:

What is the command used to download the file we found on the FTP server?

Answer: The command is:

get flag.txt

Image 5

Submit root flag:

I went to the directory to where I downloaded the flag and read it’s content with the following command:

cat flag.txt

Image 6

The flag is:

Show flag
035db21c881520061c53e0536e44f815


Bibliography:

  • Precisely. nd. SFTP – Secure File Transfer Protocol. Accessed in September, 2023, on: https://www.precisely.com/glossary/sftp

Thank you very much for reading!

Cheers,

SoBatista


Leave a Reply

Your email address will not be published. Required fields are marked *