rootđź’€muzec-sec:~#

Hack. Sleep. Repeat

View on GitHub

image

We always start with an nmap scan…..

Nmap -sC -sV -oA nmap <Target-IP>

                                                                                                                                                                       
┌──(muzec㉿Muzec-Security)-[~/Documents/HackMyVm/gift]
└─$ nmap -sC -p- -sV -oA nmap 172.16.139.202   
Starting Nmap 7.91 ( https://nmap.org ) at 2021-06-07 08:17 EDT
Nmap scan report for 172.16.139.202
Host is up (0.00020s latency).
Not shown: 65533 closed ports
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 8.3 (protocol 2.0)
| ssh-hostkey: 
|   3072 2c:1b:36:27:e5:4c:52:7b:3e:10:94:41:39:ef:b2:95 (RSA)
|   256 93:c1:1e:32:24:0e:34:d9:02:0e:ff:c3:9c:59:9b:dd (ECDSA)
|_  256 81:ab:36:ec:b1:2b:5c:d2:86:55:12:0c:51:00:27:d7 (ED25519)
80/tcp open  http    nginx
|_http-title: Site doesn't have a title (text/html).

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 9.48 seconds

We have two open ports checking HTTP.

image

Let check the source code.

image

Hmmm let try SSH brute forcing with username root .

image

Boom we have the root credentials let log in SSH.

image

Root and done.

Greeting From Muzec



Back To Home