Cyber Apocalypse 2024

BunnyPass

Solved by : Starry-lord

In this challenge we only have a docker instance, here is what we see:

RabbitMQ is a reliable and mature messaging and streaming broker – https://www.rabbitmq.com

When we research about RabbitMQ online we can find interesting details, such as the the default password for an installation which is : guest:guest .

We can see an admin panel, which allows to edit user rights and access to any ressource, and also shows the guest user has the administrator role, for some reason.

We then notice a few Messages are ready so we can click to see whats going on in quality_control, production_logs, maintenance_logs, factory_idle, etc. The flag is in factory_idle.

HTB{th3_hunt3d_b3c0m3s_th3_hunt3r}