Try Hack Me: Advent of Cyber 2 [Day 10] Don’t be sElfish!

Room: Advent of Cyber 2

Difficulty: Beginner

The Best Festival Company (TBFC) has since upscaled its IT infrastructure after last year’s attack for all the other elves to use, including a VPN server and a few other services. You breathe a sigh of relief… “That’s it, Me, Elf McEager saved the Christmas of 2020! I can’t wait to —”

But suddenly, a cold shiver runs down your spine, interrupting your monologue…

You suddenly recall that Elf McSkidy had set up a Samba file server just before the attack occurred — could this have been hacked too?! What about our data…Oh no, quick! Find out what usernames may have been leaked and attempt to login to the server yourself, noting down any vulnerabilities found to report back to Elf McSkidy.

Question #1 Using enum4linux, how many users are there on the Samba server?

I used the following command to show all the users:

Looks like there are three users present:

Question #2 Now how many “shares” are there on the Samba server?

A slightly different command will produce info about all the shares:

This shows that there are four shares present.

Question #3 Use smbclient to try to login to the shares on the Samba server. What share doesn't require a password?

I could not get onto either the IT or HR shares without a password, but it looks like the tbfc-santa share is unprotected.
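On the server side, a share that accepts a login without a password is one configured for guest access. The following is an added example, not part of the original walkthrough or the room: it audits an smb.conf for guest-accessible shares and reports whether each is writable. The sample configuration, share names and paths are constructed for illustration.

```python
import configparser

# Constructed smb.conf; the share names and paths are assumptions for this example.
SAMPLE_SMB_CONF = """
[global]
   map to guest = Bad User

[hr-files]
   path = /srv/samba/hr
   valid users = @hr
   guest ok = no

[it-files]
   path = /srv/samba/it
   valid users = @it

[santa-drop]
   path = /srv/samba/santa
   public = yes
   writable = yes
"""

TRUE, FALSE = {"yes", "true", "1", "on"}, {"no", "false", "0", "off"}
SYNONYMS = {"public": "guestok", "writeable": "writable", "writeok": "writable"}

def _norm(section):
    # Samba ignores case and spaces in parameter names ("Guest OK" == "guestok").
    out = {}
    for key, value in section.items():
        key = key.replace(" ", "").lower()
        out[SYNONYMS.get(key, key)] = value.strip().lower()
    return out

def guest_shares(conf_text):
    """Map each share that allows guest (passwordless) access to its write mode."""
    cp = configparser.ConfigParser(interpolation=None, strict=False, delimiters=("=",))
    # Strip indentation so configparser does not treat lines as continuations.
    cp.read_string("\n".join(line.strip() for line in conf_text.splitlines()))
    sections = {name.lower(): _norm(cp[name]) for name in cp.sections()}
    defaults = sections.pop("global", {})  # [global] can set defaults for shares
    findings = {}
    for name, params in sections.items():
        p = {**defaults, **params}
        if p.get("guestok") in TRUE:
            writable = p.get("writable") in TRUE or p.get("readonly") in FALSE
            findings[name] = "writable" if writable else "read-only"
    return findings
```

Calling `guest_shares(SAMPLE_SMB_CONF)` returns only the share that allows guest access, which is the one to review first when it is also writable.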

Question #4 Log in to this share, what directory did ElfMcSkidy leave for Santa?

Here we can see the two directories available.

“jingle-tunes” ended up being the correct answer. That directory was empty, but I did grab the note off the share so I could read it:

