Write-up for TrayHackMe’s room named Inferno:-Real Life machine vs CTF. The machine is designed to be real-life and is perfect for newbies starting out in penetration testing. This room can be found here:
This is straight boot2root box where we need to find user and root flags.So let’s jump right in to enumeration with nmap.
Enumeration
NMAP
Run a simple nmap scan to check what is running on this box.
kali@kali:/tmp$ nmap -sC -sV 10.10.246.58 Starting Nmap 7.91 ( https://nmap.org ) at 2021-02-13 13:15 EST Nmap scan report for 10.10.246.58 Host is up (0.083s latency). Not shown: 967 closed ports PORT STATE SERVICE VERSION 21/tcp open tcpwrapped 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 d7:ec:1a:7f:62:74:da:29:64:b3:ce:1e:e2:68:04:f7 (RSA) | 256 de:4f:ee:fa:86:2e:fb:bd:4c:dc:f9:67:73:02:84:34 (ECDSA) |_ 256 e2:6d:8d:e1:a8:d0:bd:97:cb:9a:bc:03:c3:f8:d8:85 (ED25519) 23/tcp open tcpwrapped 25/tcp open tcpwrapped |_smtp-commands: Couldn't establish connection on port 25 80/tcp open http Apache httpd 2.4.29 ((Ubuntu)) |_http-server-header: Apache/2.4.29 (Ubuntu) |_http-title: Dante's Inferno 88/tcp open tcpwrapped 106/tcp open pop3pw…
