Vulnhub: mhzc1f

A very standard boot2root machine, beginner difficulty. A bit puzzle-y with some focus on enumeration, and stego. This is one of my older writeups and the format is a bit messed up.

Scanning:

Initial scan to find the machine on the network

Full scan to get details about running services

Web:

Enumerating the web server using skipfish:

We find file notes.txt

note.txt contains the following message

Visit the text file listed in notes.txt

These are credentials for SSH

User:

Login to SSH:

User Flag:

Root:

There is another user mhz_c1f

Download the contents of the folder paintings found in their home folder:

Stego:

Use steghide to extract hidden file from “spinning the wool.jpeg”

Go back to ssh and login as mhz_c1f:

Become root:

Root Flag:

FIN.