- Defence in Depth
- Basic Endpoint Hardening
- Simple Boot2Root Methodology
After the machine is up.
Log in to the admin account via SSH using the credentials supplied below.
Username:
admin
Password:
SuperStrongPassword123
QUESTIONS:
- What is the default port for Jenkins?
Answer
8080
- What is the password of the user tracy?
Answer
13_1n_33
Password of the user tracy is in the /opt/scripts/backup.sh file:
- What's the root flag?
Answer
ezRo0tW1thoutDiD
- What is the error message when you login as tracy again and try sudo -l after its removal from the sudoers group?
Answer
Sorry, user tracy may not run sudo on jenkins.
To remove user tracy from sudo group
Command:
sudo deluser tracy sudo
Then again login as user tracy:
- What's the SSH flag?
Answer
Ne3d2SecureTh1sSecureSh31l
SSH flag is located in /etc/ssh/sshd_config file.
cat /etc/ssh/sshd_config
- What's the Jenkins flag?
Answer
FullTrust_has_n0_Place1nS3cur1ty
Jenkis flag is located in /var/lib/jenkins/config.xml.bak file:
cat /var/lib/jenkins/config.xml.bak
