Lunizz CTF -TryHackMe

lunizz CTF

This is a write-up for another TryHackMe’s rooms named “Lunizz CTF”. This room is available here:

https://tryhackme.com/room/lunizzctfnd

As always lets starts our enumeration process to find out what services are running on the target.

Enumeration

NMAP

# Identify the list of services running on the target machine
⇒ sudo nmap -sS -Pn -T4 -p- 10.10.190.71

┌──(kali㉿kali)-[/tmp]
└─$ sudo nmap -sS -Pn -T4 -p- 10.10.190.71                                                                                                 130 ⨯
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2021-02-24 16:34 EST
Nmap scan report for 10.10.190.71
Host is up (0.024s latency).
Not shown: 65530 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
3306/tcp open  mysql
4444/tcp open  krb524
5000/tcp open  upnp
Nmap done: 1 IP address (1 host up) scanned in 13.41 seconds

# Perform further information gathering on the open ports identified above
⇒ sudo nmap -O -A -Pn -T4 -p22,80,3306,4444,5000 10.10.190.71

┌──(kali㉿kali)-[/tmp]
└─$ sudo nmap -O -A -Pn -T4 -p22,80,3306,4444,5000 10.10.190.71…