Source

https://tryhackme.com/room/source

User Flag

Let's start with port scanning

There only two open ports. Let's head out to the http one.

Let's click on the link, but before we have to add "ip-10-10-27-163.eu-west-1.compute.internal" to our hosts file.

We get a Webmin login page. After looking up on google for possible exploits we saw this interesting blog post:

LogoPentest Blog - Self-Improvement to Ethical Hackingpentest.com.tr

So let's fire up metasploit and exploit the vulnerability.

We change some options and run the exploit.

That's it. We're root, we control the machine. Let's grab the user flags.

Root Flag

PreviousEasyNextCat Pictures

Last updated

Was this helpful?