Question 1 - What is the password for the basic auth login?
- We were given the username & password wordlists, so let’s use them:
hydra -L <username wordlist> -P <password wordlist> <ip> http-get / -s <port>
Question 2 - After successfully brute forcing the login, what is the username you have been given for the next part of the skills assessment?
- When we log in using the credentials that we found, we find the username:
Skills Assessment Part 2
Question 1 - What is the username of the ftp user you find via brute-forcing?
- We know the username. I ran an nmap scan and found ssh running, so let’s crack it with the given wordlist.
medusa -h <ip> -n <port> -u <username> -P <wordlist> -M ssh -t 3
- Running that, we get the password.
- Log in with the credentials. Don’t forget the port.
ssh username@<IP> -p <port>
- We have some files. When we cat the IncidentReport.txt, we get to know about a user: Th****. So yeah, that’s the user.
Question 2 - What is the flag contained within flag.txt
- Now that we have a username, we are also provided with the password wordlist to crack ftp.
- When we run medusa with the username, I didn’t find any password match. I then changed the username to th**** (lowercase) and found the password.
- Let’s login and get our flag.
- And yep, that’s it.
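
Seen from the defender's side, a medusa or hydra run against ssh like the one above shows up in the target's sshd log as a burst of failed passwords from one source, sometimes ending in an accepted login. The following is an added example, not part of the original writeup: it flags that pattern in constructed OpenSSH-style log lines, and the function name, the threshold of 5 failures in 60 seconds, the assumed year and all hosts, users and IPs are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in OpenSSH syslog format; hosts, users and IPs are made up.
SAMPLE_LOG = """\
Mar 10 12:00:01 lab sshd[811]: Failed password for svc_user from 203.0.113.50 port 40112 ssh2
Mar 10 12:00:02 lab sshd[812]: Failed password for svc_user from 203.0.113.50 port 40114 ssh2
Mar 10 12:00:02 lab sshd[813]: Failed password for svc_user from 203.0.113.50 port 40116 ssh2
Mar 10 12:00:03 lab sshd[814]: Failed password for alice from 198.51.100.9 port 51000 ssh2
Mar 10 12:00:04 lab sshd[815]: Failed password for svc_user from 203.0.113.50 port 40118 ssh2
Mar 10 12:00:05 lab sshd[816]: Failed password for invalid user Svc_User from 203.0.113.50 port 40120 ssh2
Mar 10 12:00:09 lab sshd[817]: Accepted password for alice from 198.51.100.9 port 51002 ssh2
Mar 10 12:00:11 lab sshd[818]: Accepted password for svc_user from 203.0.113.50 port 40122 ssh2
"""

LINE_RE = re.compile(
    r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: (Failed|Accepted) password for "
    r"(?:invalid user )?(\S+) from (\S+) port \d+"
)

def detect_bruteforce(log_text, threshold=5, window=timedelta(seconds=60), year=2024):
    """Return {source_ip: {"failures": n, "compromised_user": name or None}}."""
    recent = defaultdict(deque)   # source IP -> timestamps of failures inside the window
    findings = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        stamp, outcome, user, src = m.groups()
        # Syslog timestamps carry no year, so an assumed one is supplied.
        when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        fails = recent[src]
        while fails and when - fails[0] > window:
            fails.popleft()               # forget failures older than the window
        if outcome == "Failed":
            fails.append(when)
            if len(fails) >= threshold:
                entry = findings.setdefault(src, {"failures": 0, "compromised_user": None})
                entry["failures"] = max(entry["failures"], len(fails))
        elif src in findings and len(fails) >= threshold:
            # A success right after a burst of failures: treat the account as guessed.
            findings[src]["compromised_user"] = user
    return findings

if __name__ == "__main__":
    for ip, info in detect_bruteforce(SAMPLE_LOG).items():
        print(ip, info)
```

A single mistyped password followed by a normal login, as with the constructed user alice, stays below the threshold and is not reported.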