Write-up for TrayHackMe’s room named Inferno:-Real Life machine vs CTF. The machine is designed to be real-life and is perfect for newbies starting out in penetration testing. This room can be found here:
This is straight boot2root box where we need to find user and root flags.So let’s jump right in to enumeration with nmap.
Enumeration
NMAP
Run a simple nmap scan to check what is running on this box.
kali@kali:/tmp$ nmap -sC -sV 10.10.246.58
Starting Nmap 7.91 ( https://nmap.org ) at 2021-02-13 13:15 EST
Nmap scan report for 10.10.246.58
Host is up (0.083s latency).
Not shown: 967 closed ports
PORT STATE SERVICE VERSION
21/tcp open tcpwrapped
22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 2048 d7:ec:1a:7f:62:74:da:29:64:b3:ce:1e:e2:68:04:f7 (RSA)
| 256 de:4f:ee:fa:86:2e:fb:bd:4c:dc:f9:67:73:02:84:34 (ECDSA)
|_ 256 e2:6d:8d:e1:a8:d0:bd:97:cb:9a:bc:03:c3:f8:d8:85 (ED25519)
23/tcp open tcpwrapped
25/tcp open tcpwrapped
|_smtp-commands: Couldn't establish connection on port 25
80/tcp open http Apache httpd 2.4.29 ((Ubuntu))
|_http-server-header: Apache/2.4.29 (Ubuntu)
|_http-title: Dante's Inferno
88/tcp open tcpwrapped
106/tcp open pop3pw…