1. Home
  2. Training Library
  3. Programming
  4. Programming Courses
  5. Pentesting and Privilege Escalation with Wakanda

Pentesting and Privilege Escalation with Wakanda

Contents

keyboard_tab

The course is part of this learning path

Wakanda Setup
Overview
Difficulty
Intermediate
Duration
1h 7m
Students
3
Description

This course will walk you through how to solve a number of tasks as part of a capture-the-flag (CTF) game called Wakanda. You will learn the necessary skills to excel in penetration testing and privilege escalation.

Transcript

Hi, within this section we're going to solve a new CTF which is called Wakanda and it resides under the vulnhub.com which is a fantastic website because there are a couple of actually there are hundreds of virtual machines over here. Of course, they're vulnerable machines and this website is completely free. So, we're going to start with those, we're going to take a look at a couple of those and first of which is going to be Wakanda. So, this is a movie, maybe you know that the Black Panther movie and I didn't even watch the movie, but we're going to try and solve the CTF together. So, if you search for Wakanda and if you just find this machine over here. This is released in five of August, fifth of August 2018. And as you can see there are a couple of download mirrors over here. Just download one. So, it downloads an OVA file, so that you can run it easily on your virtual box. And here we have a description. It's always a good idea to read about description. This is only hint that we're going toI get in this virtual machine. In the previous section when we try and solve the bandwidth, we had a lot of tips, a lot of briefs, a lot of descriptions, but this is the only one that we're ever going to get. And it only says that we're going to get the route. So there are three flags. So, flag1, flag2, and the root txt. And we're going to find them. So, this is the essence of capture the flag. We're going to capture those flags and this is kind of an intermediate level machine. So, anyway, as you can see there isn't too much into over here just as follow your intuitions and enumerate. So, this is about the enumeration and there is a logic that we saw all of those CTFs during the course. So, we're going to start with this thing and we're going to move on to other things where we focus on other areas rather than enumeration. So, download this OVA of course, I downloaded it in order not to make you wait and read the descriptions and then you can run it on your virtual box. I'm going to show you how to install it. Once you download the OVA, you're going to have to double click on it and just import it as it is. We can change the settings later on. Just make sure you import it. Of course, if you're using something else, than virtual box like VMware where you're going to have to make sure that you find a way to import your OVA into VMware, but I believe this machine is specifically built for virtual box. So, since virtual box is free, you can download it and use it anyway. So, make sure this is Linux and DB in 64 bit. And for the RAM, I'm going to live with that 1Gig, okay? Video memory, we're not even going to need that. So, let me just go over here. Network is important. I'm going to make it into the NAT Network. Okay, because that's my Kali operates, that's where my Kali operates. I'm going to make the promiscuous mode, I love all. And here you go, my Kali is working on the NAT Network. Please be aware of that. It's very important they have to connect with each other, so make sure you both put them on the same NAT Network, Of course, if you're working with some other network like NAT or Bridge Adapter it's fine to make sure they actually communicate with each other. So, here you go, this is our machine. And as you can see it asks for a login, but we don't know how to login over here. We don't have a hint on that. We're just going to have to just take this to the Kali Linux. So, I'm going to open my Kali Linux. And I believe we don't even know the IP address of that machine yet, but we can just do a netdiscover or Nmap in order to get the IP of the target machine. So, let me just run IFconfig. Here we go. We are on 10.0.2.4. So, I'm going to run netdiscover with the range of 10.0.2.0/24. So, I believe you know how to do this stuff. How to get the IP from like in an internal network and if your netdiscover doesn't work you can always go with the nmap as well. You can run nmap with a range like this, okay like we did in the netdiscover just make sure you get the IP address of the target machine. That's where we start, right? We're gaining information over here. We're gathering information and we're just going to enumerate a little bit. We're going to go into the active scan which is Nmap basically later on. But we're going to have to see the IP address of the target machine. And here we are. So, 10.0.2.14. I believe we are on 10.0.2.4, so 10.0.2.14 must be the target machine. And as you can see we already see the open ports over here. And netdiscover isn't even complete yet, but we can always get the IP from here. Anyway our path is clear. I believe we're going to have to run an Nmap scan against this 10.0.2.14. So, I'm going to open a new tab over here. You can run an Nmap scan or you can just use Zenmap whichever you want. So, I'm going to go for the Nmap, I'm going to go for the service over here, so sS-SV, okay, and if you have a favorite Nmap scan, you can always go for that. And see if you get the appropriate result back. I'm going to search for all ports in 10.0.2.14, so remember this -p- stands for all ports. So, I'm just going to see if we have like any other open ports rather than this and I believe we can't use the fast scan over here, so I'm going to just make it A. So, here you go now it started Nmap against 10.0.2.14. Of course it's going to take some time. If you want you can always pause this and here we go, we have the netdiscover scan results back in here as well. So, 10.0.2.14 is the target and we can see the MAC address over here. You can go for the Zenmap if you want. As I said before, you can just choose the intense scan or any other scan profiles from here. And you can see the comment over there Nmap is just agree, so as Zenmap is just agree, you can always run Nmap from your terminal. Here you go. So, we have various parts over here which is surprising. No, not surprising because we have already seen the 8111 and 3333 over here. I believe we have an extra one. But we're going to take a look at all of those things, right? So, the important thing is we have the results back and we have the services and stuff. So, other important thing is make note of that. So, I'm going to go into my documents. I'm just going to go into my CTF folder. And I'm going to create a new Wakanda folder over here, which is where we're going to save all the notes regarding to the CTF. So, I'm going to create a new notes text, notes file over here like notes.txt, okay with nano. And I'm going to copy and paste the Nmap scan results over there, so that if we just close this terminal by mistake, we can always go back and see what it was. So, I'm going to paste over here like that. So, here you go. Now, we have the Nmap scan result. I'm going to say control or enter control X, now it's saved. Great. Now, if I cut this out, we can see the Nmap result every time we do that. So far, so good. So, I believe this was the first step. Now, we are ready to analyze the results back from the Nmap and make our way into this machine, right? So, let's do that within the next lecture together.

 

About the Author
Students
189
Courses
55
Learning Paths
3

Atil is an instructor at Bogazici University, where he graduated back in 2010. He is also co-founder of Academy Club, which provides training, and Pera Games, which operates in the mobile gaming industry.