This is the write-up for the room named 0day on TryHackMe.
The room can be found here: https://tryhackme.com/room/0day
Details given:
Exploit Ubuntu, like a Turtle in a Hurricane. Root my secure Website, take a step into the history of hacking.
What is required:
user.txt and root.txt
Enumeration
NMAP:
As always, let's start by scanning the target at the IP given:
nmap -sC -sV 10.10.119.34
We have port 22 (SSH) and port 80 (web) open, with the versions shown above. Let's enumerate port 80 further using Nikto.
NIKTO:
nikto -h 10.10.119.34
The above Nikto scan reveals that this box is vulnerable to Shellshock. This is a very famous bug in Bash, and according to Wikipedia (https://en.wikipedia.org/wiki/Shellshock_(software_bug)):