Want to run this Docker container locally?

docker run -d -p 9008:80 --restart always --name flag8 joshbeck2024/ctf-git-dumper-training-flag-8

For this lab, you will need Kali Linux. (VMWare workstation highly suggested.)

If you haven’t worked through the previous labs in the series, you’ll need to do that first to complete the challenge at the end. (Previous Labs Here)

For this lab, we’ll solve Flag_8 on the iCSI Cyber Range.

The IP Address of Flag_8 is 172.25.200.200. Let’s start with an nmap and see what we’re working with.

nmap -sC -sV 172.25.200.200

Here, we have an Ubuntu machine running Apache 2.4.52. The page title is ‘Weather App Landing page.’ Let’s take a look. In your Kali browser, go to:

nmap -sC -sV -p 9008 172.25.200.200

We have an index.html (probably) page where the links do nothing. There isn’t much to exploit here in terms of web page functionality.

In a red-team engagement, this would be the time when you would want to ‘fuzz’ the website to see if any folders or files exist that this index.html might be hiding.

Let’s create a folder to work in on our Kali machine first.

mkdir Lab_04
cd Lab_04

Next, follow the directions here to download the suggested wordlist from Daniel Meissler’s Github page.

In my case, I’ll rename the file to wordlist.txt just because it will be easier to type.

mv directory-list-2.3-small.txt wordlist.txt

Let’s see how many words are in this wordlist with the wc command.