TryHackMe: Easy Peasy

Having fun with TryHackMe again. So, here is the write up and guideline to pass this Easy Peasy challenge.

Room: https://tryhackme.com/room/easypeasyctf
Level: Easy

Task: Use your skills to access the user and root account!

Lets get started

Level 1: Enumeration through Nmap

Here is the first look of the webpage. Nothing special here I think. From the wappalyzer extension, the version of the nginx running is 1.16.1.

Lets fast scan the IP using nmap

# nmap -A -T4 10.10.124.84
..... 
PORT   STATE SERVICE VERSION
80/tcp open  http    nginx 1.16.1
| http-robots.txt: 1 disallowed entry 
|_/
|_http-server-header: nginx/1.16.1
|_http-title: Welcome to nginx!
.....

There is only 1 port exist — 80/tcp but unfortunately its a wrong answer. We only by default on 0–1000 ports. It must be large range of port. So scan all the way then from range 1000–65535 port. This scan takes about 1 hour, grab a coffee first ☕

# nmap -p 1000-65535 -sV -A -T4 10.10.124.84
6498/tcp  open  ssh     OpenSSH 7.6p1…