TryHackMe write-up: Source

Introduction

This is my write-up for TryHackMe’s Source Room. This is rated as Easy. Let’s see why.

Enumeration

Using nmap, I saw that this box is running SSH and Webmin.

Checking port 10000 on the browser, I found the Webmin login page:

Exploitation

I saw that Metasploit already had a number of available exploits for Webmin.

Given that the “Webmin password_change.cgi Backdoor” exploit module was the latest, I then checked if it was a viable candidate to use.

Given that the login credentials were not needed for this exploit to run, I decided to give it a try.

Turns out Webmin was already running as root. So upon exploitation, I already had root privileges!

Given that I already had root privs, I can easily get the keys.

--

--

--

I like breaking stuff.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How does Email actually work ?

LBank to Launch GMC Demand Deposit with an Annualized Yield of 50%

Why you should give unconventional OSINT techniques another go

Warning to CISOs: Don’t make yourself a target

Ad Fraud Report: global statistics from FraudScore

{UPDATE} Pocket Craft Hack Free Resources Generator

5 Principles For Having the Right Hacker Attitude

When the World Wide Web Isn’t…

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
m0ndzon3

m0ndzon3

I like breaking stuff.

More from Medium

TryHackMe - Kenobi Walkthrough

Network Services (FTP) — Tryhackme

Tryhackme Easy Peasy Walkthrough

XXE - TryHackMe Walkthrough