Quaoar — hackfest2016 — Walkthrough

Another VulnHub Machine

Quaoar is the first machine from the series of 3 machine from hackfest2016 and by the creator Viper.

Let’s dive directly into hacking the machine. There are 3 flags we have to find. Let’s go.

Finding the IP address of the machine.

Moving onto NMAP Scan

Now we see that port 80 is up and running. Let’s check it.

Seems like a simple web page. Let’s click onto the Text in the bottom-left corner of the page and we are directed towards another image.

So there is nothing special here. Let’s move onto running “dirb” to enumerate directories.

The WordPress is up and running.

Let’s find the admin panel and try to login with default credentials.

On providing the default credentials i.e admin:admin we are logged into the admin panel.

Let’s copy the PHP shell and edit the LPORT and LHOST.

Editing the file using gedit and adding the details for reverse connection to our machine.

Now this shell can be uploaded in the themes panel as well as in the plugins panels. Let’s put NETCAT in listening mode and access the shell.

We have successfully got the shell on the system. Lets grab the fist flag.

Now as it is WordPress we will be looking onto the Wp-Config file for the root username and password.

We can log into the system via SSH or via our previous shell we can switch user using SU command and providing the credentials for the root user.

So we are logged into the machine as root. Now for the post exploitation. We know where the flag can be.

That’s all. We are done with this machine.

Thanks for reading!