![planet centauri walkthrough planet centauri walkthrough](https://games-cdn.softpedia.com/screenshots/Planet-Centauri_1.jpg)
![planet centauri walkthrough planet centauri walkthrough](https://cdn.staticneo.com/ew/e/e5/Space_pilgrim_alpha_centauri_act1.jpg)
We could find two exploits on the exploit-db website, which can be seen below. The very first google search results mentioned that it is vulnerable to remote shell upload vulnerability. We researched over the web for an available exploit for this version. We could find from the information provided on the login page that the installed version is 4.7.13. In the next step, we will explore this utility and find further possibilities and vulnerable areas.
#PLANET CENTAURI WALKTHROUGH SOFTWARE#
The login page mentioned a software named ‘pluck.’ We could also see the version information on the browser. First, we tried our luck with a few commonly known default passwords, but we weren’t that lucky. The file was named ‘admin.php,’ so let’s open this file into the browser.Īs can be seen above, the admin.php file redirected us to a login page. Among the scan results, there was an interesting file that caught our attention. We also identified that the directory listing was enabled on the target machine. The scan command and results can be seen below. The tool is by default available in Kali Linux. For this purpose, we used the Dirb utility which identifies hidden files and folders in an application by brute-forcing common web application files and folders. So, we decided to enumerate the files and folders on the target application. We are redirected to a page without much info. After opening the IP address in the browser, we found an application running on it which can be seen in the screenshot given below. We will start the enumeration via the HTTP port. So, let’s start by exploring the open port and services on the target machine. In the next step, we will start enumerating the FTP service. Port 22 is shown as “filtered.” The SSH service is running on the target machine. The HTTP port 80 is open through which the apache service is running, and. We can see in the results that two ports are shown as open on the target machine. It will enumerate the version of the running service. In the highlighted area of the above screenshot, I used the -p- option, which tells Nmap to conduct the complete port scan. The running command and the output of the Nmap scan can be seen in the following screenshot. This is to find the open ports and services on the target machine and help us proceed further. In this step, we will scan the target machine by using the popular port scanning tool Nmap. The next step is to scan the target machine by using the Nmap tool. Unlike my other CTFs, this time, we do not require running the Netdiscover command to get the target IP address. Note: The target machine IP address may be different in your case, as the network DHCP assigns it. The target machine IP address is 192.168.1.21, and we will be using 192.168.1.54 as an attacker IP address. The target machine’s IP address can be seen in the following screenshot. The walkthrough Step 1Īfter running the downloaded virtual machine in the virtual box, the machine will automatically be assigned an IP address from the network DHCP. So, now we have all the information we need, let’s get started with the challenge.
![planet centauri walkthrough planet centauri walkthrough](http://planetcentauri.com/images/vspl/1.png)
Getting the target machine IP address by running the VM.