Bash the Botnet | CyberStart Completion

Bash the Botnet

Briefing:

We have managed to gain access to a server used by one of The Chiquittoos’ side businesses. We think the gang use it to connect to their botnet, which we want to take down. The botnet is of course password protected but, if you can find the password we can log in and disable it!

Log into the server using these credentials and see if you can find the password.

SSH sessions only last 60 minutes, after that you will need to reload the page to get a new one.

(The details given are dynamically generated, they will be different each time.)

Tip: The password is the flag.

Hint:

If the gang uses the terminal to connect to their botnet, they may have typed the password in there. Maybe look in the Linux command history?

How to Solve:

  1. Open a SSH connection using the credentials provided in the Briefing.
  2. Use the history command to check the history of the commands run.