Hey everyone, Today I will take you all to the walkthrough of the machine "SOURCE", a beginner-friendly machine on TryHackMe.
Let's Start With The Basic Thing.
By using Nmap we got the following output:
We can see two ports open, one is 22 and another is 10000. We don't know the username and password for 22 so we cannot go further.
Let's visit port Number 10000.
We saw a suggestion to try visiting the URL with HTTPS. Let's do this: https://<ip address>:10000.
You'll encounter an error. Just go to advanced options and proceed to the website. I found a login page with Webmin, a web-based system configuration tool for Unix-like systems. We don't know the credentials yet, so what should we do next?
Let's run Metasploit to see if Webmin has any vulnerabilities.
Here we go
Here we have to be careful and use the exploit that doesn't ask for any credentials.
I used 10 which is exploit/linux/http/webmin_backdoor.
We have to set LHOST, RHOST, and SSL which is by default false. We have to make it true to be able to exploit successfully and then simply type run or exploit.
We got the shell!!!
But it is unstable so we have to make it stable by writing the following command.
python3 -c 'import pty;pty.spawn("/bin/bash")'
Let's find the user and root flag. It'll be in the /root directory of course.
Now let's read the user flag. Go to /home/dark and cat the user.txt flag.
HAPPY HACKING!