Open in app

Sign in

Write

Sign in

Hack the Box — Meow Solution

Nihir Zala
3 min readJan 11, 2023

--

Hack the Box is a platform to improve cybersecurity skills to the next level through the most captivating, gamified, hands-on training experience.

I will cover solution steps of the “Meow” machine, which is part of the ‘Starting Point’ labs and has a difficulty rating of ‘Very Easy’.

Login to Hack the Box portal and navigate to Starting Point’s page, where you will be prompted to choose between a PWNBOX or an OVPN (i.e. OpenVPN) connection. A PWNBOX is a pre-configured, browser-based virtual machine and requires a HackTheBox VIP+ membership for unlimited access.

I have used the OVPN method and Kali Linux through VirtualBox for this challenge. Download the VPN (.ovpn) configuration file and open a terminal window and run below mentioned command –

sudo openvpn [filename].ovpn

Note: [filename] should be replaced with the name of your downloaded .ovpn file for the Starting Point lab.

You will see the Initialization Sequence Completed line at the end, which confirms we have now connected to the Meow machine

Refresh the page in browser to see the new connection and then we can activate the machine by clicking the ‘Spawn Machine’ button

The machine is now active and showing a target IP address

Task 1: What does the acronym VM stand for?

Virtual Machine

Task 2: What tool do we use to interact with the operating system in order to issue commands via the command line, such as the one to start our VPN connection? It’s also known as a console or shell.

Terminal

Task 3: What service do we use to form our VPN connection into HTB labs?

openvpn

Task 4: What is the abbreviated name for a ‘tunnel interface’ in the output of your VPN boot-up sequence output?

tun

Task 5: What tool do we use to test our connection to the target with an ICMP echo request?

Ping

Task 6: What is the name of the most common tool for finding open ports on a target?

Nmap

Task 7: What service do we identify on port 23/tcp during our scans?

Telnet

Task 8: What username is able to log into the target over telnet with a blank password?

root

Task 9: Submit root flag

To solve this task, we need root flag. Perform a scan on the target IP using nmap tool.

It can be noticed, 23/tcp port is open and service is telnet.

Now, type the command telnet [Target_IP] in terminal to connect the server.

It will ask for the Meow Login and we can use “root” as username which is covered in previous task

We are able to connect using default username and without providing any password. Now use basic command “ls” to get all the folders/files available in that server

We can see the flag.txt file and to view the content of this file use cat command, which stands for concatenate.

Copy the flag value and submit in the browser

You will receive message as “Meow has been Pwned” and Challenge solved successfully.

Hackthebox
Starting Point
Htb
Meow

--

--

Nihir Zala
Nihir Zala

Written by Nihir Zala

37 Followers
1 Following

Hi there, I'm Nihir Zala—a Laravel developer from Gujrat, India, with over 2.5 years of professional experience. I also learning Penetesting from THM and HTB.

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams