Posts

Showing posts from July, 2017

Proteus Pwn4g3

Image
Hi Everyone, Over this blogpost, I shall write about how I cracked a recently hosted challenge on vulnhub named "Proteus". Looking at the machine description over Vulnhub: The machine simulates an environment where you can upload executable files and performs malware analysis over it. I download the OVA and setup my kali and vulnerable machine on the same network. First and foremost, network discovery: So the IP I shall be targeting is 192.168.137.250 I ran nmap and two services stand out: 1. ssh ==> port 22 2. http ==> port 80 I tried checking over ssh but it seems only key based login is allowed. I shifted my focus over to port:80 Immediately striking are two things: 1. File upload feature 2. Login functionality It seemed that the file upload is based on mime type and only executable file or sharedlib types are supported for uploads. First I tried uploading a normal file and as an output we get binary analysis of the file. Checki