Meow
Platform : HackTheBox (Starting Point — Tier 0) Difficulty : Very Easy Date : 07/04/2026
Tags : #htb #starting-point #telnet #misconfiguration
Recon
nmap -sV [TARGET]
Port 23 open — telnet. Nothing else.
Exploitation
telnet [TARGET]Tried common defaults :
- admin → denied
- root (no password) → in
ls, flag.txt is right there.
cat flag.txtNotes
- Telnet = cleartext protocol, should never be exposed
- Empty root password = textbook misconfig
- One badly configured service is enough to own a box