HackMyVM Webmaster Walkthrough

    Another machine from the HackMyVM.eu site. This could be the fewest amount of images of any write-up.  A simple box but it ties a few things together making it kind of interesting. 

    We kick off with Nmap:


    DNS is UDP and when we see TCP, we have the potential to do bad things.  First, let's check out the web port:


    TXT is a clue and could be a reference to a DNS TXT record.

    We view source and find a message about the hostname but adding this to the hosts file does nothing for us in terms of host headers.


    Back to DNS:


    And there we go.  We have a TXT record.  Going out on a limb, I think it's the user John and his password. 

    Attempting to SSH:


    And we're in!

    We check our sudo privileges:


    At first glance, I don't have an exact path.  I look at the man pages for a second and I still don't see anything obvious without maybe some work.  This box is supposed to be easy so I look at processes:


    Nginx is running as root.  We have the ability to write into /var/www/html/, we can upload a shell and get root by hitting the shell.

    With our handler setup:


    That's a wrap!  Fun little box. 


    Cybersecurity solutions for small businesses.

    info@sevenlayers.com
    877.468.0911

    © 2021 Seven Layer Networks, Inc. | All rights reserved.