This is the write-up for TryHackMe’s room named ColddBox: Easy
Room’s URL: https://tryhackme.com/room/colddboxeasy
It is an easy boot2root box, and the task is to get the user and root flags.
Enumeration:
# Identify the list of services running on the target machine
sudo nmap -sS -Pn -T4 -p- 10.10.128.156
# Perform further information gathering on the open ports identified above
sudo nmap -O -A -Pn -T4 -p80,4512 10.10.128.156
So we have a WordPress site and SSH running on a non-standard port.
WordPress Enumeration
Browse the website and find the WordPress login portal at: http://10.10.128.156/wp-login.php