# CTF Range-100

## Challenge 100

## Challenge 101

## Challenge 102

## Challenge 103

![image](https://hackmd.io/_uploads/HySbjrcKle.png)

* Rustscan
    * ![image](https://hackmd.io/_uploads/r1mtDV2tgl.png)
* Nmap
    * ![image](https://hackmd.io/_uploads/BJZdP4hKel.png)
* Apache2 default page on port 80
    * ![image](https://hackmd.io/_uploads/HyxLDN3Kge.png)
* Using `hydra`, got the SSH credential
    * ![image](https://hackmd.io/_uploads/Hk-ssNhFxe.png)
    * `rebecca:qwerty123`
* Got a shell as `rebecca`
    * ![image](https://hackmd.io/_uploads/ryMl3Vhtee.png)
* The `python3` binary in `rebecca`'s home directory can be run with sudo without a password
    * ![image](https://hackmd.io/_uploads/BkOwhV2Fge.png)
* Followed GTFOBins and got a shell as root via python3
    * ![image](https://hackmd.io/_uploads/HJeFaV2Kee.png)

```zsh
sudo /home/rebecca/python3 -c 'import os; os.system("/bin/bash")'
```

## Answer

* Challenge 100: `qwerty123`
* Challenge 101: `jk3hfp86fg`
* Challenge 102: `python3`
* Challenge 103: `Skillch3ck3d1`
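
A defender-side check for the sudo misconfiguration found in Challenge 103, as an added example that is not part of the original writeup: it parses `sudo -l` output and flags passwordless rules that point at an interpreter or at a binary under a user-writable directory. The sample output, the interpreter list and the path prefixes are constructed assumptions.

```python
import os
import re

# Base names of interpreters that can spawn a shell under sudo (illustrative subset).
INTERPRETERS = {"python", "perl", "ruby", "bash", "sh", "zsh"}
# Heuristic: locations a non-root user can typically write to (assumption).
USER_WRITABLE_PREFIXES = ("/home/", "/tmp/", "/var/tmp/", "/dev/shm/")

# Constructed sample of `sudo -l` output, modelled on the finding in this writeup.
SAMPLE_SUDO_L = """\
User rebecca may run the following commands on host:
    (ALL) NOPASSWD: /home/rebecca/python3
    (root) /usr/bin/systemctl restart apache2
    (ALL : ALL) NOPASSWD: /usr/bin/less /var/log/syslog, /usr/bin/perl
"""

# "(runas) TAG: TAG: cmd1 args, cmd2 args"
RULE = re.compile(r"^\s*\((?P<runas>[^)]*)\)\s*(?P<tags>(?:[A-Z_]+:\s*)*)(?P<cmds>.+)$")


def audit_sudo_rules(text):
    """Return [(binary, [reasons])] for sudo rules that allow an easy root shell."""
    findings = []
    for line in text.splitlines():
        m = RULE.match(line)
        if not m:
            continue  # header or unrelated line
        nopasswd = "NOPASSWD:" in m.group("tags")
        for cmd in m.group("cmds").split(","):
            parts = cmd.split()
            if not parts:
                continue
            binary, reasons = parts[0], []
            if nopasswd:
                reasons.append("NOPASSWD")
            # Strip version suffixes so python3 / python3.11 match "python".
            if re.sub(r"[\d.]+$", "", os.path.basename(binary)) in INTERPRETERS:
                reasons.append("interpreter")
            if binary.startswith(USER_WRITABLE_PREFIXES):
                reasons.append("user-writable path")
            # A user-writable binary is always a finding; otherwise need two signals.
            if "user-writable path" in reasons or len(reasons) > 1:
                findings.append((binary, reasons))
    return findings


if __name__ == "__main__":
    for binary, reasons in audit_sudo_rules(SAMPLE_SUDO_L):
        print(f"{binary}: {', '.join(reasons)}")
```
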