Rabbit Store

Demonstrate your web application testing skills and the basics of Linux to escalate your privileges.

Task Information: Medium Level — Visit TryHackMe Room

Shall we get started?

We’ll start our AttackBox and the target machine.

Now, let’s run nmap for the Target IP address. The command will be nmap -T4 -n -sC -sV -Pn -p- 10.10.128.21

There are four open ports:

  • 22 (SSH)

  • 80 (HTTP)

  • 4369 (EPMD)

  • 25672

nmap already reports that port 80 redirects to http://cloudsite.thm/, so we add cloudsite.thm to our hosts file:

Location: /etc/hosts

Command: sudo nano /etc/hosts

10.10.74.18 cloudsite.thm

Now we visit the site

We can notice that the both “Login / Sign Up” button redirects to http://storage.cloudsite.thm/, so we’ve add this link to our hosts as well.

After modifying the hosts, it should be like :

10.10.74.18 cloudsite.thm storage.cloudsite.thm
Updated on
T9 - Red Teaming