Network challenges


Solution of Touch4

Log in to the ssh service on the http://jabba.hackingarena.com port 826. The admin user has one of the most common passwords.

We need to brute force the ssh service with a dictionary that contains many easy passwords. First, we can try the 1000 most used passwords. Searching for this on Google returns quite a lot of results; one of them is https://github.com/DavidWittman/wpxmlrpcbrute/blob/master/wordlists/1000-most-common-passwords.txt, where we can download such a list. We then use the following command, replacing command10.txt with the name of the dictionary file:

hydra -l admin -P command10.txt ssh://jabba.hackingarena.no:826

Hydra reports that one password was found: princess.



Now we can try to log in:

ssh admin@jabba.hackingarena.no -p826

The password is princess. The ls command lists the files in the directory; the flag.txt file contains the flag we are looking for. The cat command prints a file, so run cat flag.txt to read the flag.
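
A dictionary run like the one above shows up on the server as a burst of failed logins for one account from one address, followed here by a success. The Python sketch below is an added example, not part of the original solution; it assumes OpenSSH's default "Failed password" / "Accepted password" log lines, and the sample log, addresses and the find_bruteforce name are constructed for illustration.

```python
import re
from collections import defaultdict

# OpenSSH's default auth log messages for password logins.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port")
ACCEPTED = re.compile(
    r"sshd\[\d+\]: Accepted password for (\S+) from (\S+) port")

# Constructed sample log (not from the challenge server): six failed guesses
# for admin from one address and then a success, plus a user who mistypes
# a password once before logging in.
SAMPLE_LOG = "\n".join(
    [f"Mar  3 10:00:0{i} jabba sshd[21{i}]: Failed password for admin "
     f"from 203.0.113.7 port 4011{i} ssh2" for i in range(6)]
    + ["Mar  3 10:00:07 jabba sshd[217]: Accepted password for admin "
       "from 203.0.113.7 port 40117 ssh2",
       "Mar  3 10:05:00 jabba sshd[300]: Failed password for alice "
       "from 198.51.100.20 port 51000 ssh2",
       "Mar  3 10:05:09 jabba sshd[301]: Accepted password for alice "
       "from 198.51.100.20 port 51002 ssh2"])


def find_bruteforce(log_text, threshold=5):
    """Flag (source, user) pairs with at least `threshold` failed logins and
    mark those where a successful login followed the failures."""
    failures = defaultdict(int)
    findings = {}
    for line in log_text.splitlines():
        failed = FAILED.search(line)
        if failed:
            user, source = failed.groups()
            failures[(source, user)] += 1
            if failures[(source, user)] >= threshold:
                entry = findings.setdefault(
                    (source, user),
                    {"source": source, "user": user, "compromised": False})
                entry["failures"] = failures[(source, user)]
            continue
        accepted = ACCEPTED.search(line)
        if accepted:
            user, source = accepted.groups()
            # A success only matters for pairs already flagged as guessing.
            if (source, user) in findings:
                findings[(source, user)]["compromised"] = True
    return list(findings.values())


if __name__ == "__main__":
    for finding in find_bruteforce(SAMPLE_LOG):
        print(finding)
```

A finding with compromised set to True means the guessed account should be treated as taken over: reset its password and review what that session did.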