If someone need a tip or clue regarding Mirai box. let me know, Login :: Hack The Box :: Penetration Testing Labs
This machine was simple easy and interesting. i will make a wirteup when the box will be retired.
Hii I am suck in root.txt how to get root.txt
root@raspberrypi:~# cat root.txt
I lost my original root.txt! I think I may have a backup on my USB stick…
root@raspberrypi:~#
root.txt file was referering to something elsewhere we have to look for root.txt
So, this is what i did! found usb using
$ lsblk
root@raspberrypi:~# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 10G 0 disk
|-sda1 8:1 0 1.3G 0 part /lib/live/mount/persistence/sda1
`-sda2 8:2 0 8.7G 0 part /lib/live/mount/persistence/sda2
sdb 8:16 0 10M 0 disk /media/usbstick
sr0 11:0 1 1024M 0 rom
loop0 7:0 0 1.2G 1 loop /lib/live/mount/rootfs/filesystem.squashfs
root@raspberrypi:~#
/media/usbstick was our path.
After i went to that directory this is what i found another challange.
root@raspberrypi:/media/usbstick# ls
damnit.txt lost+found
root@raspberrypi:/media/usbstick# cat damnit.txt
root@raspberrypi:/media/usbstick# cat damnit.txt
Damnit! Sorry man I accidentally deleted your files off the USB stick.
Do you know if there is any way to get them back?
-James
root@raspberrypi:/media/usbstick#
Now I have to recover something
**root@raspberrypi:/media/usbstick# df -h**
Filesystem Size Used Avail Use% Mounted on
aufs 8.5G 2.8G 5.3G 35% /
tmpfs 101M 13M 88M 13% /run
/dev/sda1 1.3G 1.3G 0 100% /lib/live/mount/persistence/sda1
/dev/loop0 1.3G 1.3G 0 100% /lib/live/mount/rootfs/filesystem.squashfs
tmpfs 251M 0 251M 0% /lib/live/mount/overlay
/dev/sda2 8.5G 2.8G 5.3G 35% /lib/live/mount/persistence/sda2
devtmpfs 10M 0 10M 0% /dev
tmpfs 251M 8.0K 251M 1% /dev/shm
tmpfs 5.0M 4.0K 5.0M 1% /run/lock
tmpfs 251M 0 251M 0% /sys/fs/cgroup
tmpfs 251M 56K 250M 1% /tmp
/dev/sdb 8.7M 93K 7.9M 2% /media/usbstick
tmpfs 51M 0 51M 0% /run/user/999
tmpfs 51M 0 51M 0% /run/user/1000
I found the path of /media/usbstick which is /dev/sdb
After testing with a tool named extundelete i found this root.txt were deleted.
root@raspberrypi:~# extundelete /dev/sdb --restore-file /media/
NOTICE: Extended attributes are not restored.
Loading filesystem metadata ... 2 groups loaded.
Loading journal descriptors ... 23 descriptors loaded.
Failed to restore file /media/
Could not find correct inode number past inode 2.
Try altering the filename to one of the entries listed below.
File name | Inode number | Deleted status
. 2
.. 2
lost+found 11
root.txt 12 Deleted
damnit.txt 13
extundelete: Operation not permitted while restoring file.
extundelete: Operation not permitted when trying to examine filesystem
root@raspberrypi:~/output# extundelete /dev/sdb --restore-inode 12
NOTICE: Extended attributes are not restored.
Loading filesystem metadata ... 2 groups loaded.
Loading journal descriptors ... 23 descriptors loaded.
root@raspberrypi:~/output# ls
RECOVERED_FILES audit.txt
root@raspberrypi:~/output# cd RECOVERED_FILES/
root@raspberrypi:~/output/RECOVERED_FILES# ls
file.12
root@raspberrypi:~/output/RECOVERED_FILES# cat file.12
--Exetundelete command not found error and I try to install that program but not possible
You need to install that tool.
hello Plz help me in ctf, i am new in this but can you suggest from where i learn the basic step to exploit vulnerable machins
Are you working on Mirai Machine? Or you wanna understand CTFs in general?