Psycho Break

Try Hack Me

Introduction

This room is based on a video game called evil within. I am a huge fan of this game. So I decided to make a CTF on it. With my storyline :). Your job is to help Sebastian and his team of investigators to withstand the dangers that come ahead.

Enumeration

We always start scanning our IP to find open ports with NMAP.

Let's check the web page:

Source page:

Let's go to /sadistRoom and click here

And the new page:

Let's Decode:

We will enter the code clicking on here. And we get:

Let's check the page and run Google Reverse Image:

Now we can use the key to get to the Abandoned Room click Go Further than check the Source Page than use the ?shell=ls command as it suggests. In order to go to the next phase we will use the ls .. which will show a hash to enter a page with a zip and txt file.

Let's unzip the file and we will use this tool for the wav file and use the passcode to extract the txt file for the ftp credentials:

Let's log in to the ftp, extract the files, and write a script (took it from another writeup bcz wasn't feeling in the mood of doing myself ๐Ÿ˜Š) to run the program and dict files:

Let's use this tool to decode:

Exploitation

USER.TXT

Now let's ssh with the passcode:

Answer Hidden as per THM request - for more HELP ๐Ÿ‘‰ TROLL ME

ROOT.TXT

Let's be root:

Answer Hidden as per THM request - for more HELP ๐Ÿ‘‰ TROLL ME