less than 1 minute read


What account was the username and password of the compromised user ?

NOTE: Use file given in 1st Chall Attack

Flag Format: vulncon{username_password}

Author - White_Wolf


I used Hydra to brute-force the SSH password:

hydra -l karma -P rockyou.txt -t 64 -s 2222 -V ssh

The Attack chall gave the information about the targeted user, and I used the rockyou wordlist to find the password, which is godisgood: