Mustacchio — TryHackMe
Summary
Another easy boot2root room. We first needed to enumerate a bit to find out what is running and then doing directory Brute forcing to find a sqlite3 db dump, which gave us the admin password.Then using that password we logged in to the admin portal where there was a XXE vulnerability which was exploited to give us the user’s SSH encrypted key which…
