HTB: Dancing Walkthrough
A walkthrough of the Dancing room on Hack The Box.
A walkthrough of the Redeemer room on Hack The Box.
Challenge Type: Offensive | OS: Linux | Difficulty: Very Easy
Question 1: Which TCP port is open on the machine?
Run a NMAP scan on the server to find the open port, don’t forget to use the -p- option which scans all ports. Be warned though, this will take ages.
The answer to this question is 6379
Question 2: Which service is running on the port that is open on the machine?
The nmap scan aboves provide the answer. The answer for this question is redis.
Question 3: What type of database is Redis? Choose from the following options: (i) In-memory Database, (ii) Traditional Database
A Google search will return this question, but otherwise the answer to this question is In-Memory Database
Question 4: Which command-line utility is used to interact with the Redis server? Enter the program name you would enter into the terminal without any arguments.
Same as above, if you’re not familiar with redit, Google is your friend. The answer to this question is redis-cli
Question 5: Which flag is used with the Redis command-line utility to specify the hostname?
Run redis-cli –help to see the man page. The answer to this question is -h
Question 6: Once connected to a Redis server, which command is used to obtain the information and statistics about the Redis server?
Google Redis Commands and you’ll be able to find this answer. The answer to this question is info
Question 7: What is the version of the Redis server being used on the target machine?
Refer to question 1, the answer to this question is 5.0.7
Question 8: Which command is used to select the desired database in Redis?
Refer to the Redis Command website from questoin 6, this will provide you the answer. The answer to this question is SELECT
Queastion 9: How many keys are present inside the database with index 0?
Connect to the database with the redis-cli command and use info.
The answer to this question can be found under keyspace, which is 4
Question 10: Which command is used to obtain all the keys in a database?
Google is your friend here.
The answer for this question is keys *
Question 11: Submit the flag located in the database.
Run get flag to output the key value.
The answer to this question is 03e1d2b376c37ab3f5319922053953eb
Written by: Jamie Ngo
Tagged as: Redeemer, Hack The Box.
Courses Jamie Ngo
Courses Jamie Ngo
todayJuly 28, 2024
Cyber Security Jamie Ngo
Learn how to secure your MyGov account to ensure you don’t become a victim.
Copyright 2021
Post comments (0)