Ignition
Task 1
Which service version is found to be running on port 80?
Answer:
Run the following nmap scan:
nmap -sV -p 80 [IP]
The answer is "nginx 1.14.2"
Task 2
What is the 3-digit HTTP status code returned when you visit http://{machine IP}/?
Answer:
Run the following to easily discover the code:
curl -v http://[IP]
The answer is 302
Task 3
What is the virtual host name the webpage expects to be accessed by?
Answer:
Enter the IP you were given into your web browser and it should automatically redirect you.
The URL should now read "ignition.htb", which is the answer.
Task 4
What is the full path to the file on a Linux computer that holds a local list of domain name to IP address pairs?
Answer:
The answer is /etc/hosts
Task 5
Use a tool to brute force directories on the webserver. What is the full URL to the Magento login page?
Answer:
Run a gobuster dir search:
gobuster dir -u http://ignition.htb/ -w /usr/share/dirb/wordlists/common.txt
The answer will pop up with /admin. Therefore the full URL is:
Task 6
Look up the password requirements for Magento and also try searching for the most common passwords of 2023. Which password provides access to the admin account?
Answer:
I Googled the password requirements for Magento, and it shows that at minimum a password needs to be 7 characters long with letters and numbers.
I Googled the most used passwords for 2023 and, after trying a few, finally found that "qwerty123" works.
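The Task 6 finding expressed as a server-side password check, as an added example that is not part of the original walkthrough or Magento's own code: the composition rule quoted above accepts "qwerty123", while a common-password denylist rejects it. The denylist contents, the function names and the username check are assumptions made for illustration.

```python
import re

# Composition rule as described on this page for Magento admin passwords:
# at least 7 characters, containing both letters and numbers.
MIN_LENGTH = 7

# Constructed sample denylist (assumption). A real deployment would load a
# large list of commonly used and breached passwords instead.
COMMON_PASSWORDS = {"password1", "qwerty123", "abc12345", "admin123", "letmein1"}


def meets_composition_rule(password: str) -> bool:
    """Return True if the password has >= 7 chars, a letter and a digit."""
    return (
        len(password) >= MIN_LENGTH
        and re.search(r"[A-Za-z]", password) is not None
        and re.search(r"\d", password) is not None
    )


def normalize(value: str) -> str:
    """Fold case and surrounding whitespace so trivial variants still match."""
    return value.strip().casefold()


def check_password(password: str, username: str = "") -> list:
    """Return the list of rejection reasons; an empty list means accepted."""
    reasons = []
    if not meets_composition_rule(password):
        reasons.append("fails composition rule")
    if normalize(password) in COMMON_PASSWORDS:
        reasons.append("on common-password denylist")
    if username and normalize(username) in normalize(password):
        reasons.append("contains username")
    return reasons


if __name__ == "__main__":
    # Constructed candidates: the first two pass the composition rule alone.
    for candidate in ["qwerty123", "Qwerty123", "short1", "tangerine-Harbor-42-kettle"]:
        verdict = check_password(candidate, username="admin") or ["accepted"]
        rule_ok = meets_composition_rule(candidate)
        print(f"{candidate!r}: composition_ok={rule_ok} -> {', '.join(verdict)}")
```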
Submit Flag:
Once you have signed into the admin account the flag will be on the first page in the text:
797d6c988d9dc5865e010b9410f247e0