Open in app

Sign in

Write

Sign in

Fawn HTB (Starting Point)

Rishabh Rai
2 min readMay 7, 2023

--

Hello, everyone we are here to pwn the next machine that is named fawn, and this is also a very straightforward and simple machine to solve. Let us move to the actual hacking part here.

After hitting random keys for a while. I ran this command to check for all the services running on the IP, their versions and ran a default scripts on those services. Finally saving it as nmap_fawn.

After running the command I found out that there is a ftp service running and due to the -sC we can see the default script has fetched the flag.txt with the anonymous login.

which means this server is subjected to anonymous login vulnerability. So let’s start exploiting this.

Lets connect to the FTP server using the command:

ftp <IP>

let us give anonymous in the username field and hit enter in the password section.

And that should log us in the ftp server, now we can get the flag file using the “get” command obviously.

Once done we will exit from the ftp server and come to the working directory and “cat” the flg.txt we just downloaded.

and there you have it one easy peasy room done and dusted !!…

HAPPY HACKING 🥳🥳🥳……….

Hackthebox
Walkthrough
Writeup
Hacking
Learning

--

--

Rishabh Rai
Rishabh Rai

Written by Rishabh Rai

146 Followers
49 Following

Automation engineer with a cybersec background. Passionate about tech, coding, and sharing personalized insights through blogs. Always exploring and learning!

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams