WINJA CTF: SSH

Hello guys, this is my first blog, so please ignore my silly mistakes.

Today, I am writing this blog on the CTF challenge conducted by WinjaCTF on their Twitter handle. This challenge was suggested to me by my friend Shivam Saraswat (thecybersapien). He has already won the first challenge of WinjaCTF.

Challenge Link — https://twitter.com/Winja_CTF/status/1353587253054869504

From the photo, we found 3 important things — 54.235.17.69 (an IP address), John (maybe a user), and john1234 (maybe a password).

So, we tried to ssh to the given IP, and guess what we got access to the machine.

Then, we checked what are the files present in the user’s directory. We found a strange file — lin.sh. On further checking it, we understood that it was LinPEAS script, i.e., Linux Privilege Escalation Awesome Script.

LinPEAS is a script that searches for possible paths to escalate privileges on Linux/Unix hosts.

After executing it, we found a file “/usr/bin/fmt” with SUID permissions owned by the “ec2-user” user.

So, we thought that flag must be present in the “ec2-user” directory. And we were right. We got the flag.

This was a good challenge for me.

Thanks for reading…