HackathonCTF Vulnhub Walkthrough

In this post we are going solve another Vulnhub boot to root challenge is named HackthonCTF, this VM is making by somu sen. it is an easy box, you can download here this VM.

Network Scanning

Let’s start with network scanning, finding our target IP address by using the Nmap -sn ( Ping Scan ) command.

sudo nmap -sn
HackathonCTF Vulnhub Walkthrough

Now we have our target IP address In my case my target IP is ( ) and our next step is scanning the IP address finding open ports and running service.

sudo nmap -sV -sC -p-

Nmap scan reveals that 4 services 21/FTP, 23/Telnet, 80/HTTP, and 7223/SSH are running on the Machine.


Since we saw the Nmap scanning output target machine 80 have open running HTTP Service, let’s navigate the target IP address in the browser.

After open navigating the target machine IP we saw nothing useful, then we try some basic trick reading page source code and navigating popular directories,
HackathonCTF Vulnhub Walkthrough

After reading the robots.txt file we saw different disallow directories and in the footer, we found a base64 encoded string.

we open the all disallow directories but we couldn’t discover useful, without wasting our time we use different extensions and this step is to give us a .html page, let’s open the page.


since we found a sudo.html web page After reading the page source code we found a username comment. let’s try SSH password brute-forcing by using the hydra tool.

hydra -l test -P /usr/share/wordlists/rockyou.txt ssh:// -f

It takes a minute and hydra is discovered a valid password for the test user, let’s login with the SSH server by using the credentials.

ssh [email protected] -p 7223 

Privilege Escalation

Privilege Escalation of the box very easy because we can read every last use commands by reading the file .base_history.

cat .bash_history

and there is a second way to escalate the privilege by check sudo permission for our current user, let’s run the privilege escalation command and escalate the privileged.

sudo -l
sudo -u#-1 /bin/bash
HackathonCTF Vulnhub Walkthrough

Hemisphere Lynx / link

About Rahul Gehlaut

Cyber Security Researcher, CTF Player. Tech Blog Writer.

View all posts by Rahul Gehlaut →