- Default permit! Everybody has access to the trace.
- Plaintext login!
There is a file called capture.pcap inside the folder of
/home/flag08. With tcpflow we can follow the packets and see its content.
tcpflow -cr capture.pcap
This reveals the password indirectly. There is something like a login and password. The login seems to be
level08 and the password
. as a backspace we get the following credentials:
user: level08 pass: backd00Rmate
Using this password and the user
flag08, we can successfully login as user
flag08 and execute
Lesson / How to fix
- Use restrict permissions!
- Do not use plaintext logins!