Skip to main content

One post tagged with "TFTP"

TFTP (Trivial File Transfer Protocol) is a simple file transfer protocol used for transferring files over IP networks. It allows users to upload and download files without requiring authentication or encryption, making it relatively insecure. TFTP uses UDP as its transport protocol and relies on the underlying network infrastructure to ensure delivery of packets, which can make it vulnerable to packet loss and interception. Despite these limitations, TFTP is still widely used in embedded systems, routers, and other network devices where simplicity and ease of use are valued over security features.

View All Tags

HTB | Included | Write-Up

· 25 min read

Summary:

We test connectivity and scan the target, then enumerate its TFTP service and web page. We find an unauthenticated upload function on TFTP and a Local File Inclusion (LFI) vulnerability on the web page. We use these to upload a PHP reverse shell and gain low-level access via LFI.

With this foothold, we upgrade our access to user level using the acquired clear-text credentials. We then grab the user flag, enumerate further, and exploit privilege escalation opportunities to reach root level access with the help of the lxdprivesc script. Finally, we obtain the root flag.

Machine Name: Included | Difficulty: Easy | OS: Linux