Hydra
Found 5 related articles
Back to Tags- 2025-03-03
Internship - Multi-Stage Exploitation via SQLi and Steganography
Technical writeup covering multi-stage compromise of the 'Internship' challenge. The methodology progresses from SQL Injection authentication bypass and user data extraction to a targeted SSH brute-force attack (Hydra). Privilege escalation involves script modification for horizontal movement, culminating in steganography analysis (Steghide) for final root access.
- 2024-10-31
StellarJWT - JWT Exploitation and Chained SUID Privilege Escalation
Technical writeup detailing the compromise of the 'StellarJWT' challenge. The methodology involves identifying and decoding an exposed JSON Web Token (JWT) for user enumeration, followed by a dictionary attack using Hydra for SSH access. Privilege escalation is achieved through a chained exploitation of NOPASSWD SUID binaries: using 'socat' for horizontal movement and 'chown' for '/etc/passwd' modification to gain final root access.
- 2024-10-11
TickTackRoot - FTP Anonymous, SSH Brute-Force, and SUID Binary Exploitation
Technical writeup detailing the compromise of the TickTackRoot machine. The path includes initial enumeration of open services (21/FTP, 22/SSH, 80/HTTP). Access is gained by leveraging Anonymous FTP login to find potential usernames, followed by a successful SSH brute-force attack using Hydra. Privilege escalation is achieved by exploiting the SUID binary 'timeout_suid' to gain a root shell, demonstrating a classic Linux privilege escalation technique.
- 2024-10-09
BreakMySSH - Exploiting OpenSSH CVE-2018-15473 for Root Access
Technical writeup detailing the compromise of the BreakMySSH challenge. Methodology covers Nmap scanning, exploiting the OpenSSH 7.7 Username Enumeration vulnerability (CVE-2018-15473) to identify a valid user, followed by a targeted password brute-force attack using Hydra to gain root access.
- 2024-09-17
Trust - SSH Brute-Force and Vim Sudo Privilege Escalation
Technical writeup detailing the compromise of the 'Trust' challenge. Methodology includes Nmap scanning and web fuzzing via Gobuster to identify hidden resources, a targeted Hydra brute-force attack to obtain SSH credentials, and final privilege escalation by exploiting the NOPASSWD sudo permission on the Vim binary.