"Roseau": Hack a Web Server

Scenario: "Roseau": Hack a Web Server

Level: Hard

Type: Hack

Tags: apache   hack  

Description: There is a secret stored in a file that the local Apache web server can provide. Find this secret and have it as a /home/admin/secret.txt file.

Note that in this server the admin user is not a sudoer.

Also note that the password crackers Hashcat and Hydra are installed from packages and John the Ripper binaries have been built from source in /home/admin/john/run

Root (sudo) Access: False

Test: sha1sum /home/admin/secret.txt |awk '{print $1}' returns cc2c322fbcac56923048d083b465901aac0fe8f8

Time to Solve: 30 minutes.

Interested in a career debugging servers? Want to help manage thousands of GPU servers? Send an email to careers@fluidstack.io !

Static Badge      GitHub Repo stars      Mastodon Follow      Bluesky Follow      X (formerly Twitter) Follow      Uptime Robot ratio (30 days)
Updated: 2024-11-15 22:43 UTC – ae72dce