11/23/2023 0 Comments Port 5555 freeciv androidWith these files removed, I could manually interact with the device. Looking in the root directory, I found the flag.txt file which contained a clue for my next steps.Īgent "S" Your Secret Key ->259148637įirst, I removed the key files from the system directory to disable the screen lock protection. Next, surprisingly enough, I was able to escalate to root with the ‘su’ command! With ADB working, I used the shell command to get access to the device. * daemon not running starting now at tcp:5037Ĭonnected to ~/VulnHub/investigator# adb devices -lġ92.168.5.224:5555 device product:android_x86 model:VirtualBox device:x86 transport_id:1 Using ADB, I was able to successfully connect to the device. Processing triggers for libc-bin (2.31-2) ~/VulnHub/investigator# adb ~/VulnHub/investigator# apt-get install adb Since this was an Android device, I installed ADB to perform some remote debugging. When I tried to visit another page on the server, I received the same message. Port 8080 had a default website that mentioned a missing investigator. Nmap done: 1 IP address (1 host up) scanned in 104.43 seconds Stats: 0:01:44 elapsed 1 hosts completed (1 up), 0 undergoing Script Post-Scan OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 |_http-title: Welcome To UnderGround Sector Service scan Timing: About 50.00% done ETC: 23:01 (0:00:36 remaining)Ĩ080/tcp open http PHP cli server 5.5 or later Stats: 0:00:43 elapsed 0 hosts completed (1 up), 1 undergoing Service Scan When I port scanned the device, I saw that ports 55 were open. Nmap done: 256 IP addresses (9 hosts up) scanned in 1.86 seconds MAC Address: 08:00:27:80:2F:57 (Oracle VirtualBox virtual NIC) Nmap scan report for pfSense.sanctuary (192.168.5.1) This time, it’s Investigator by Sivanesh Kumar, which you can download here Enumerationįirst, when I loaded the VM in VirtualBox, I saw that it was an Android device of some kind.įirst, I scanned my network looking for the target system. It’s time for another VulnHub write-up to follow-up my Sunset Midnight post! VulnHub Investigator Walkthrough – Introduction This time, my VulnHub Investigator Walkthrough is for hacking into an actual Android device.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |