all InfoSec news
THM: Gaining Access to the Library Server
April 13, 2024, 6:12 a.m. | 0xViKi
System Weakness - Medium systemweakness.com
THM Room Link: https://tryhackme.com/r/room/bsidesgtlibrary
Initial Reconnaissance
Nmap Scan:
sudo nmap -sV -sS -A <IP>
Open Ports
- 22/tcp: OpenSSH 7.2p2 Ubuntu 4ubuntu2.8
- 80/tcp: Apache httpd 2.4.18 (Ubuntu)
Gobuster:
gobuster dir -u http://<IP>/ -x php,txt -w /usr/share/wordlists/dirb/common.txt -t 50
No interesting directories were discovered, however, I found robots.txt which hints that I need to brute-force attack
Information Gathering
Hints Brute-Force AttackOn Inspection of the website closely, I found a potential username that could be the username for SSH which is open …
More from systemweakness.com / System Weakness - Medium
Spring Boot Integration Shiro Quick Start Demo
1 day, 9 hours ago |
systemweakness.com
A Deep Dive into Network Security Threats
1 day, 9 hours ago |
systemweakness.com
Defensive Security: Installing PHPIDS on LAMP Servers
1 day, 9 hours ago |
systemweakness.com
TryHackMe Network Services Writeup
1 day, 9 hours ago |
systemweakness.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368
@ Allen Integrated Solutions | Chantilly, Virginia, United States
Consultant Sécurité SI H/F Gouvernance - Risques - Conformité
@ Hifield | Sèvres, France
Infrastructure Consultant
@ Telefonica Tech | Belfast, United Kingdom