https://tryhackme.com/room/source
Let's start with port scanning
There only two open ports. Let's head out to the http one.
Let's click on the link, but before we have to add "ip-10-10-27-163.eu-west-1.compute.internal" to our hosts file.
We get a Webmin login page. After looking up on google for possible exploits we saw this interesting blog post:
So let's fire up metasploit and exploit the vulnerability.
We change some options and run the exploit.
That's it. We're root, we control the machine. Let's grab the user flags.
Last updated 4 years ago
