TryHackMe write-up: Source

Jun 24, 2021



This is my write-up for TryHackMe’s Source Room. This is rated as Easy. Let’s see why.


Using nmap, I saw that this box is running SSH and Webmin.

Checking port 10000 on the browser, I found the Webmin login page:


I saw that Metasploit already had a number of available exploits for Webmin.

Given that the “Webmin password_change.cgi Backdoor” exploit module was the latest, I then checked if it was a viable candidate to use.

Given that the login credentials were not needed for this exploit to run, I decided to give it a try.

Turns out Webmin was already running as root. So upon exploitation, I already had root privileges!

Given that I already had root privs, I can easily get the keys.




I like breaking stuff.