This challenge was fairly easy like all level 1s. We have a web app with a file upload. The hint tells us that files are uploaded to the /uploads/ folder and to take a look at the users’ home directories for clues. I uploaded a tiny webshell and headed to /home/level1. I noticed that there is a file called “README”. This file says that we are close but to not look so far. Since this is a linux machine, the next obvious place is to check the .bash_history file. Bingo! There’s the password.
No comments:
Post a Comment