Member-only story
TryHackMe: Wgel
4 min readMar 14, 2021
Having fun with TryHackMe again. So, here is the write up and guideline to pass this Easy Peasy challenge.
Room: https://tryhackme.com/room/wgelctf
Level: Easy
Task: Can you exfiltrate the root flag?
Lets get started
As usual, open the browser with the machine IP
Lets see if something is hidden in the source code.
There is a comment there. Someone name as jessie there. Could be the login username. Lets see which port is open for this IP
# nmap -A -T4 -sV 10.10.X.XStarting Nmap 7.91 ( https://nmap.org ) at 2021-03-14 09:53 +08
Nmap scan report for 10.10.240.26
Host is up (0.22s latency).
Not shown: 998 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 2048 94:96:1b:66:80:1b:76:48:68:2d:14:b5:9a:01:aa:aa (RSA)
| 256 18:f7:10:cc:5f:40:f6:cf:92:f8:69:16:e2:48:f4:38 (ECDSA)
|_…
