Write-Up

If you want to follow along here’s the link for it : VulnHub Back again with another CTF write-up! This time, it’s all about mail servers. Let’s dive in. Enumeration First, we perform basic enumeration using netdiscover and nmap. A full port scan is necessary for this challenge: Upon inspecting the website, we find terminal.js. Decoding it (e.g., via CyberChef) reveals the string InvincibleHack3r, which serves as valid credentials for the user boris....

The challenge is based on : https://www.vulnhub.com/entry/coffee-addicts-1,699/ another vulnhub boot2root machine, well let’s get started! first of all let’s use netdiscover to see where the machine is. $ sudo netdiscover i retrieved the machine as 192.168.3.16, now let’s enumerate it with nmap. $ nmap 192.168.3.16 -A Now we get 80 and 22 which means it has a website and an SSH open for us, let’s check the website 192.168.3.16:80 it prompts us to add coddeeaddicts....