Nmap Output:

 

 

http

 

 

view-source:

 

 

/assets/style.css

 

 

Looks like we found a flag.

 

/sup3r_s3cret_fl4g/

 

we got rickrolled!

 

 

if we look at the http response

 

 

/WExYY2Cv-qU

 

 

Hot_Babe.png

 

 

strings

 

 

We were given a wordlist file for ftpuser.

 

Wordlist is a bit long. So let's use hydra directly.

 

 

We can log in to FTP.

 

 

Brainfuck.

 

 

Lets login

 

 

A message greets us, but let's get the user flag first.

 

 

We don't have permission. Let's get back to the message.

 

 

The password of the user Gwendoline is written.

 

 

sudo -l

 

 

At this stage, when I tried the method in gtfobins, I did not get any results.

 

I got help from the internet.

 

 

When the vi opens, what we need to do is:

 

 

thats all

 

then the flag