Hack the Box – Explosion
# Information:
Platform Name: Hack the Box
Machine Challenge: Explosion
Machine Status: Starting Point
Challenge Level: Very Easy
# Used Tools:
- Linux
- nmap
- RDP (xfreerdp)
- terminal
# Challenge Description:
This challenge has a list of questions that need to be answered in order to retrieve the flag. We will answer every question.
# Writeup:
Task 1:
“What does the 3-letter acronym RDP stand for? “
Answer: RDP stands for Remote Desktop Protocol.
RDP consists in a secure network communications protocol developed by Microsoft.
Task 2:
“What is a 3-letter acronym that refers to interaction with the host through a command line interface?“
Answer: The 3-letter acronym is CLI that stands for command line interface.
CLI is used to interact with a computer program using text.
Task 3:
“What about graphical user interface interactions?“
Answer: GUI.
GUI stands for Graphical User Interface.
Task 4:
“What is the name of an old remote access tool that came without encryption by default and listens on TCP port 23?“
Answer: If you search on google for port 23, it will tell you that the service running on this port is telnet.
telnet is an old internet protocol used to access Unix machines, (speed guide.net, n.d.)ยน.
Task 5:
“What is the name of the service running on port 3389 TCP?“
Answer: The service running on port 3389 is the ms-wbt-server.
I performed an nmap scan and I was presented with the following:
In image 1 you can see that there are many ports open and one of them is port 3389.
Task 6:
“What is the switch used to specify the target host’s IP address when using xfreerdp?“
Answer: The switch is /v:
Task 7:
“What username successfully returns a desktop projection to us with a blank password?“
Answer: The username is Administrator.
Some of the most common user names (at least the default ones) are:
- root
- admin
- Admin
- ADMIN
- administrator
- Administrator
Submit flag:
To retrieve the flag, I used the following command:
xfreerdp /v:<your_IP_here> /u:administator
In the command above the switch /v: is for IP address and the switch /u: is for username.
The flag is:
Bibliography:
- Speed guide.net. (n.d.). Port 23 Details. Accessed in January, 2024, on: https://www.speedguide.net/port.php?port=23
Thank you very much for reading!
Cheers,
SoBatista