Try Hack Me: LookBack

This is an easy machine on Try Hack Me that I have seen a lot of people have problems with. Lets take a look at this machine:

You may also see 3389 on this machine, however, it seems to be unstable. Looking at 443 we see the following:

Make sure to save that DNS name, when I press continue I see the following:

Using admin admin we get in but not very helpful:

Even with the DNS name this seems like a dead end, doing a feroxbuster we can see a page /test:

admin:admin works! Alright looks like we have a path here, after trying a lot of different things I noticed that between a single ‘ and double “ we got a different output:

We have command injection, after a few different tries we ended up using a base64 reverse shell:

Now, remember that OWA we saw at first… looks like it is out of date. Lets use this email against that:

And for the flag:

Hopefully you like it, I sure did.