Rating:
Solution:
1. Identifying the Vulnerability:
From the provided hint, we learn that the application is using LibSSH 0.8.1, which is vulnerable.
A quick Google search reveals this vulnerability.
2. nmap Scan:
Running an nmap scan on the target IP address exposes the open ports and services.
3. Exploiting the Vulnerability:
Using the Exploit DB’s Python script for the LibSSH 0.8.1 vulnerability, we can gain a reverse shell.
Download the Paramiko exploit from this link.
4. The command to execute the exploit is:
`python3 exploit.py -T <ip_address> -P 22 -C '<linux_command>'`
5. Locating the Bomb:
After accessing the system, the location of the bomb can be found in `/location.txt`.
