Try Hack Me: AttackerKB
Today we are going to look at AttackerKB on Try Hack Me which can be found here:
We start off with a rustscan / NMAP:
Looks like port 10000 is on the machine, lets dig a little deeper:
Looks like a MiniServ Webmin http port, lets take a look at it:
Notice above we are utilizing https, on HTTP it stated that the website is doing SSL, so we have to use HTTPS. Also when viewing the certificate we can see that the hostname for the machine is source:
We know that the service is Webmin and the version is 1.890. Looking for exploits we find the following:
https://github.com/MuirlandOracle/CVE-2019-15107
Downloading the exploit and running pip install for the requirements:
Once downloaded we run the exploit and get a root shell:
When we get the shell moving around is not the best, so we did a bash reverse shell back to ourselves, and got the user and root flag:
Thanks for reading, have a good one.