TryHackMe-Minotaur’s Labyrinth

NMAP

21/tcp   open  ftp      syn-ack ttl 63 ProFTPD                    
| ftp-anon: Anonymous FTP login allowed (FTP code 230)
|_drwxr-xr-x 3 nobody nogroup 4096 Jun 15 14:57 pub
80/tcp open http syn-ack ttl 63 Apache httpd 2.4.48 ((Unix) OpenSSL/1.1.1k PHP/8.0.7 mod_perl/2.0.11 Perl/v5.32.1)
|_http-favicon: Unknown favicon MD5: C4AF3528B196E5954B638C13DDC75F2F
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: Apache/2.4.48 (Unix) OpenSSL/1.1.1k PHP/8.0.7 mod_perl/2.0.11 Perl/v5.32.1
| http-title: Login
|_Requested resource was login.html
443/tcp open ssl/http syn-ack ttl 63 Apache httpd 2.4.48 ((Unix) OpenSSL/1.1.1k PHP/8.0.7 mod_perl/2.0.11 Perl/v5.32.1)
|_http-favicon: Unknown favicon MD5: BE43D692E85622C2A4B2B588A8F8E2A6
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
3306/tcp open mysql? syn-ack ttl 63
| fingerprint-strings:
| NULL:
|_ Host 'ip-10-8-94-60.eu-west-1.compute.internal' is not allowed to connect to this MariaDB server
| mysql-info:
|_ MySQL Error: Host 'ip-10-8-94-60.eu-west-1.compute.internal' is not allowed to connect to this MariaDB server
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint

PORT 21 (FTP)

PORT 80 (HTTP)

a = ["0", "h", "?", "1", "v", "4", "r", "l", "0", "g"]
b = ["m", "w", "7", "j", "1", "e", "8", "l", "r", "a", "2"]
c = ["c", "k", "h", "p", "q", "9", "w", "v", "5", "p", "4"]
print (a[9]+b[10]+b[5]+c[8]+c[8]+c[1]+a[1]+a[5]+c[0]+c[1]+c[8]+b[8])

Foothold

Privilege Escalation (root)

#!/bin/bash                                                               
echo "dont fo...forge...ttt" >> /reminders/dontforget.txt

--

--

--

Pentester | CTF Player

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How a simple functional test got complicated…

But how, exactly, databases use mmap?

D-Zone 2015 Retrospective

API Calls in Rails: from Basic to Better and some important considerations

Make Builder Design Pattern Reusable with Compile-Time Metaprogramming by Using Roslyn

Integrating EFS with Lambda

What’s the difference between static and dynamic libraries?

Understanding OAuth 2.0 with Authorization Code Flow

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
ARZ101

ARZ101

Pentester | CTF Player

More from Medium

HackTheBox-Horizontall

Alfred —  TryHackMe walkthrough

Shocker | HackTheBox writeup