TryHackMe: Intermediate NMAP

Ishsome
Sep 17, 2022


This is an easy box on TryHackMe that requires you to know how to use NMAP and Netcat. The machine is very simple and the flag is easy to get. First, we run NMAP to find a port that reveals sensitive information when we connect to it with Netcat. This information can then be used to connect to the box over SSH. From there, we enumerate files a little and get the flag.

Prerequisites

Basic Knowledge of NMAP and Netcat tools

NMAP

NMAP- All Ports

So, we have the following ports open on the machine:

  • 22 SSH
  • 2222 SSH
  • 31337

From the NMAP scan, we can see in the output for port 31337 that a set of credentials is being displayed. The username is ubuntu and the password is Daf****0ng.

We can also get these credentials by using Netcat to connect to port 31337.

Netcat 31337

It looks like the user ubuntu has left a note for himself in case he forgets his password. Now that we have a set of credentials, we can try connecting to the box using SSH.

SSH session

Great! The credentials worked and we are on the box now. Let’s quickly upgrade our shell using python3.

We do not need to go for root privileges on this machine as that is not the goal — the goal is to get the flag only.

There are two users on the box:

  • ubuntu
  • user

The flag can be found in the ‘user’ home directory.

Conclusion

This was a very easy box showcasing how critical it is to not leave sensitive information unsanitized or accessible to unauthorized users. Hopefully you liked reading this story. :)
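The lesson above can be turned into a check that a defender runs against their own hosts. The following is an added example, not part of the original write-up: it reads whatever each port sends unprompted (as Netcat does on port 31337) and flags credential-like text, redacting the values in its report. The regex heuristics, function names and sample banner are assumptions constructed for illustration.

```python
import re
import socket

# Heuristic patterns for credential-like text (constructed for this example).
CRED_PATTERNS = [
    re.compile(r"(?i)\b(pass(?:word|wd)?|pwd|secret|token)\b(?:\s+is\s+|\s*[:=]\s*)(\S+)"),
    re.compile(r"(?i)\b(user(?:name)?|login)\b(?:\s+is\s+|\s*[:=]\s*)(\S+)"),
]
# Constructed sample banner; the real service output is not reproduced here.
SAMPLE_BANNER = "Note to self: username is ubuntu, password is Example-Pass123\n"

def find_credential_leaks(banner: str) -> list[tuple[str, str]]:
    """Return (field, redacted_value) pairs for credential-like text in a banner."""
    hits = []
    for line in banner.splitlines():
        for pat in CRED_PATTERNS:
            for m in pat.finditer(line):
                value = m.group(2).strip(".,;")
                # Redact so the audit report does not itself leak the secret.
                hits.append((m.group(1).lower(), value[:1] + "*" * (len(value) - 1)))
    return hits

def grab_banner(host: str, port: int, timeout: float = 3.0, limit: int = 4096) -> str:
    """Connect and read what the service sends without being asked."""
    chunks, total = [], 0
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.settimeout(timeout)
        try:
            while total < limit:
                data = s.recv(1024)
                if not data:
                    break
                chunks.append(data)
                total += len(data)
        except socket.timeout:
            pass  # service went quiet; keep what was received
    return b"".join(chunks).decode("utf-8", errors="replace")

def audit(host: str, ports: list[int]) -> dict[int, list[tuple[str, str]]]:
    """Map each reachable port to the credential-like fields found in its banner."""
    report = {}
    for port in ports:
        try:
            hits = find_credential_leaks(grab_banner(host, port))
        except OSError:
            continue  # closed, filtered or unreachable
        if hits:
            report[port] = hits
    return report

if __name__ == "__main__":
    print(find_credential_leaks(SAMPLE_BANNER))
```

Run `audit()` only against hosts you administer, with the list of ports your own NMAP scan reports as open.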
