Solving HTB Meow CTF: A Walkthrough Guide
What does the acronym VM stand for?
Virtual MachineA virtual machine is a software-based system used to run different operating systems on the same computer in an isolated way.
What tool do we use to interact with the operating system in order to issue commands via the command line, such as the one to start our VPN connection? It’s also known as a console or shell.
TerminalA terminal is a tool used to interact with the operating system and issue commands; it is also called a console or shell.
What service do we use to form our VPN connection into HTB labs?
openvpnOpenVPN is an open-source software that establishes a secure point-to-point connection, enabling secure access to HTB labs.
What tool do we use to test our connection to the target with an ICMP echo request?
pingThe ping command is used to test the network connection to a target device via ICMP(Internet Control Message Protocol) echo request and reply messages.
┌──(root㉿kali)-[/home/kali]
└─# ping 10.129.115.201
PING 10.129.115.201 (10.129.115.201) 56(84) bytes of data.
64 bytes from 10.129.115.201: icmp_seq=1 ttl=63 time=1122 ms
64 bytes from 10.129.115.201: icmp_seq=2 ttl=63 time=254 ms
64 bytes from 10.129.115.201: icmp_seq=3 ttl=63 time=65.2 ms
^Z
zsh: suspended ping 10.129.115.201What is the name of the most common tool for finding open ports on a target?
nmapNmap (Network Mapper) is an open-source security scanner used to scan, discover and analyze computers on the network and services on the network.
┌──(root㉿kali)-[/home/kali]
└─# nmap -sV 10.129.115.201
Starting Nmap 7.93 ( https://nmap.org ) at 2024-02-05 11:16 EST
Nmap scan report for 10.129.115.201
Host is up (0.080s latency).
Not shown: 999 closed tcp ports (reset)
PORT STATE SERVICE VERSION
23/tcp open telnet Linux telnetd
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 12.79 secondsWhat service do we identify on port 23/tcp during our scans?
telnetDuring the nmap scan, you can detect the “telnet” service, which indicates that there is a telnet service open and running on the target system.
What username is able to log into the target over telnet with a blank password?
rootAt this point, you need to do research to find the default username in the telnet service that you have designated as a candidate for a cybersecurity specialist. We call it Google.
┌──(root㉿kali)-[/home/kali]
└─# telnet 10.129.115.201
Trying 10.129.115.201...
Connected to 10.129.115.201.
Escape character is '^]'.
█ █ ▐▌ ▄█▄ █ ▄▄▄▄
█▄▄█ ▀▀█ █▀▀ ▐▌▄▀ █ █▀█ █▀█ █▌▄█ ▄▀▀▄ ▀▄▀
█ █ █▄█ █▄▄ ▐█▀▄ █ █ █ █▄▄ █▌▄█ ▀▄▄▀ █▀█
Meow login: root
Welcome to Ubuntu 20.04.2 LTS (GNU/Linux 5.4.0-77-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Mon 05 Feb 2024 04:22:49 PM UTC
System load: 0.0
Usage of /: 41.7% of 7.75GB
Memory usage: 4%
Swap usage: 0%
Processes: 139
Users logged in: 0
IPv4 address for eth0: 10.129.115.201
IPv6 address for eth0: dead:beef::250:56ff:fe96:f102
* Super-optimized for small spaces - read how we shrank the memory
footprint of MicroK8s to make it the smallest full K8s around.
https://ubuntu.com/blog/microk8s-memory-optimisation
75 updates can be applied immediately.
31 of these updates are standard security updates.
To see these additional updates run: apt list --upgradableroot@Meow:~#Submit root flag
root@Meow:~# ls
flag.txt snap
root@Meow:~# cat flag.txt
b40abdfe23665f766f9c61ecba8a4c19Gain access to the target system, use the ‘ls’ command to explore the root directory, locate the ‘flag.txt’ file, and extract the root flag by employing the ‘cat’ command to read its contents.
We successfully solved the Meow machine, this was our first step. In this article, we have solved the HTB Meow CTF step by step and discussed various tools and concepts related to virtual machines, networking, command-line interfaces and service definitions. By following the explanations and commands given, you can successfully complete the Meow CTF and improve your skills in this process.
Keep adopting the “try harder” mentality, keep improving yourself until our next machine.
