Magician-TryHackMe

0xsanz
5 min readFeb 23, 2021
Magician-THM

This is a write-up for TryHackMe’s room named Magician.Description of the room says that — This magical website lets you convert image file formats.This room can be found at:

https://tryhackme.com/room/magician

Make an entry in /etc/hosts first for “magician” as mentioned. Now Let’s start our enumeration process with nmap.

Enumeration

NMAP

nmap -sC -sV 10.10.148.85

┌──(kali㉿kali)-[/tmp]
└─$ nmap -sC -sV 10.10.148.85
Starting Nmap 7.91 ( https://nmap.org ) at 2021-02-22 09:05 EST
Nmap scan report for 10.10.148.85
Host is up (0.023s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE    VERSION
21/tcp   open  ftp        vsftpd 2.0.8 or later
8080/tcp open  http-proxy
| fingerprint-strings: 
|   FourOhFourRequest: 
|     HTTP/1.1 404 
|     Vary: Origin
|     Vary: Access-Control-Request-Method
|     Vary: Access-Control-Request-Headers
|     Content-Type: application/json
|     Date: Mon, 22 Feb 2021 14:07:04 GMT
|     Connection: close
|     {"timestamp":"2021-02-22T14:07:05.669+0000","status":404,"error":"Not Found","message":"No message available","path":"/nice%20ports%2C/Tri%6Eity.txt%2ebak"}
|   GetRequest: 
|     HTTP/1.1 404 
|     Vary: Origin
|     Vary: Access-Control-Request-Method
|     Vary: Access-Control-Request-Headers
|     Content-Type: application/json
|     Date: Mon, 22 Feb 2021 14:07:04 GMT
|     Connection: close
|     {"timestamp":"2021-02-22T14:07:04.814+0000","status":404,"error":"Not Found","message":"No message available","path":"/"}
|   HTTPOptions: 
|     HTTP/1.1 404 
|     Vary: Origin
|     Vary: Access-Control-Request-Method
|     Vary: Access-Control-Request-Headers
|     Content-Type: application/json
|     Date: Mon, 22 Feb 2021 14:07:04 GMT
|     Connection: close
|     {"timestamp":"2021-02-22T14:07:05.051+0000","status":404,"error":"Not Found","message":"No message available","path":"/"}
|   RTSPRequest: 
|     HTTP/1.1 505 
|     Content-Type: text/html;charset=utf-8
|     Content-Language: en
|     Content-Length: 465
|     Date: Mon, 22 Feb 2021 14:07:04 GMT
|     <!doctype html><html lang="en"><head><title>HTTP Status 505 
|     HTTP Version Not Supported</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2…
0xsanz

Written by 0xsanz

138 Followers

Software Developer having keen interest in Security, Privacy and Pen-testing. Certs:- Security+,PenTest+,AZ900,AZ204

More from 0xsanz

See all from 0xsanz

Recommended from Medium

Lists

Staff Picks

Stories to Help You Level-Up at Work

Self-Improvement 101

Productivity 101

See more recommendations