Mar 16

hackfest2016: Quaoar CTF WriteUp

I decided to solve the Quaoar VM immediately. Thanks to Viper very much.

Ip address and reconnaissance section no really necessary…









After I know the IP address I made a nmap scan:





Nmap detected the open ports:






After I entered the website and started what i’m against with:






I used dirbuster the understand which directories are listable and vulnerable:


I found wordpress is vulnerable. After i entered directory credentials worked. Bingo!





After I logged in as admin. I decided to install a webshell from editor section:







I uploaded PHP SHell from github:

I created the shell with this command below:
php -f index.php — -o myShell.php -p 1453 -s -b -z gzcompress -c 9

I uploaded the shell and found root database credentials from wp-config.php file:









After all of this challenge I logged into Quaoar from ssh and found the flags:








Bir Cevap Yazın

E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir

Şu HTML etiketlerini ve özelliklerini kullanabilirsiniz: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>