Open in app

Sign in

Write

Sign in

Meow HTB (Starting Point) Walkthrough

Rishabh Rai
3 min readMay 6, 2023

Hello everyone, I am here with a machine from the starting point. This is the very first machine and it should be relatively easy to solve. My goal is to finish the complete starting point one by one. So stay tuned for more blogs in this series.

So let’s get started with the machine

Let’s get started with the machine. Firstly, let us scan the IP on our machine using nmap:

As you can see, we have one service running, telnet. Telnet is already a very vulnerable service to run on any machine. It allows anonymous login sometimes, misconfigurations, and weak passwords.

Let us try to login to the telnet service first by typing the command:

telnet <IP>

We are greeted with this banner:

Now we have to input the username to login:

I tried using “anonymous” as we use in ftp to login anonymously, but when it did not work, I tried “root” which sometimes works.

To my surprise, I was logged in to the root shell, which I was not at all expecting because it took me only a few minutes to solve this machine.

I was expecting it to be simple, but it is very simple. If you are just starting, then it may be a good start. After logging in, just “cat” the flag and you are ready to move ahead to the next machine.

The questionnaire part still remains lets get to it :

TASK-1: What does the acronym VM stand for?

search the google for it.

TASK-2: What tool do we use to interact with the operating system in order to issue commands via the command line, such as the one to start our VPN connection? It’s also known as a console or shell.

The shell we ran command on is called the terminal.

TASK3- What service do we use to form our VPN connection into HTB labs?

Read the connection instructions, or search for tools to connect virtually to machines on HTB.

TASK4- What is the abbreviated name for a ‘tunnel interface’ in the output of your VPN boot-up sequence output?

TASK5- What tool do we use to test our connection to the target with an ICMP echo request?

Use google.

TASK6- What is the name of the most common tool for finding open ports on a target?

TASK7- What service do we identify on port 23/tcp during our scans?

Read the nmap output.

TASK8- What username is able to log into the target over telnet with a blank password?

TASK9- Submit root flag

Login to the service and “cat” flag.txt.

THE MACHINE IS PWNED!!! HAPPPY HACKING……🥳🥳

Hackthebox
Starting Point
Meow
Writeup
Walkthrough

--

--

Rishabh Rai

Written by Rishabh Rai

117 Followers

4th year student exploring the world of cyber security with a knack for writing and always learning.

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams