[Web] Starting Point: Meow === [題目連結](https://app.hackthebox.com/starting-point) # Question 1. What does the acronym VM stand for? > Virtual Machine 2. What tool do we use to interact with the operating system in order to start our VPN connection? > terminal 3. What service do we use to form our VPN connection? > openvpn 4. What is the abreviated name for a tunnel interface in the output of your VPN boot-up sequence output? > tun - <font class=red>TUN: 作業系統核心中的虛擬網路裝置</font> 5. What tool do we use to test our connection to the target? > ping 6. What is the name of the script we use to scan the target's ports? > namp - <font class=red>nmap (network mapping): 網路連接埠掃描工具，自由軟體</font> 7. What service do we identify on port 23/tcp during our scans? > telnet - <font class=red>telnet: 一種應用層(第7層)協定，以虛擬終端機的形式，以文字為主的指令互動介面，常用於伺服器遠端控制</font> 8. What username ultimately works with the remote management login prompt for the target? > root # Submit root flag - 目標IP: 10.129.195.195 1. 測試連線狀態 > <font class=green>ping</font> <font class=black>10.129.195.195</font> > > 2. 掃描連接埠 > <font class=green>sudo nmap</font> <font class=purple>-sV</font> <font class=black>10.129.195.195</font> > >  3. 掃描到 **連接埠23/tcp telnet協定** >  4. 與目標IP連線 ><font class=green>telnet</font> <font class=black>10.129.195.195</font> > > - 有時因配置錯誤，有些重要的帳號會將密碼留空，以確保能夠正常訪問。因此，可以使用帳戶名單逐一測試。 典型帳戶名稱，如: - admin - administrator - root 5. 測試 " admin " **(失敗)** >  6. 測試 " administrator " **(失敗)** > 7. 測試 " administrator " **(成功)** >  8. 查看資料夾 > <font class=black>ls</font> > >  9. 找到 " flag.txt "，查看檔案內容 > <font class=black>cat flag.txt</font> > >  10. 取得 flag >HTB{b40abdfe23665f766f9c61ecba8a4c19} <style> .green{ color: green; font-weight: bold; } .black{ color: black; font-weight: bold; } .purple{ color: purple; font-weight: bold; } .red{ color: red; font-weight: bold; } </style>