TryHackMe write-up: Brute It

Introduction

This is my write-up for TryHackMe’s Brute It Room.

Enumeration

Using nmap, I found that this box had 2 ports open.

Checking port 80, I see the default Apache web page.

I then used gobuster to search for any folders.

The new folder leads to a login page.

Exploitation

Looking at the source code, I found a username.

So the username is in the source’s comments. Now, all I needed to do was to find the password. This was accomplished by using hydra.

After finding the password, I was able to login. Here, I found the first flag.

There was also a link to download the SSH private key.

Trying to login via SSH using the private key proved futile at the moment. To be able to use the key, I needed to know the key’s password. To do so, I had to use both ssh2john to convert the key and then run john to crack the hash.

Once the key’s password was cracked, I was able to successfully login.

Privilege Escalation

Checking for sudo privileges, it turns out I could run the cat command as root. I then proceeded to check /etc/shadow to get the root hash.

Running john again to get the root password, I was able to su as root.

--

--

--

I like breaking stuff.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} Fondos de Amazing Spider Hero Hack Free Resources Generator

HOW I HACKED BILLION ANDROID USERS SOCIAL AND 3rd PARTY ACCOUNT | A STORY ABOUT 5000$ BUG

{UPDATE} City Highway Racing Hack Free Resources Generator

Digital Forensics Course Development — Phase 1

Privacy Policy

Bluehost,most popular hosting providers

Mobile AppSec: Security Considerations for Finalized Mobile App Distributables

NEOWIZ launches Crypto Golf Impact, its first Play-to-Earn mobile game

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
m0ndzon3

m0ndzon3

I like breaking stuff.

More from Medium

TryHackme: Overpass by NinjaJc01

TryHackMe: Common Attacks Writeup

Yogosha Christmas Challenge 2021

FALL Vulnhub Walkthrough