RECOVERY-TRYHACKME

0xsanz
Mar 20, 2021

This is the write-up for the TryHackMe room named Recovery:

https://tryhackme.com/room/recovery

This is by far the best room for me on THM and I enjoyed it a lot. Hope you will too.

First, let's write down what is already given to us:

  • A web-server showing some gibberish.
  • A web panel to keep track of the recovery process at port 1337.
  • SSH credentials: alex/madeline
  • The malware in alex’s home directory.

Our task is to repair all the damage caused by fixutil and collect flags from the web panel running at port 1337. Let's begin.

Run Nmap first and let's see if we can find something else:

nmap -sC -sV 10.10.72.173

Nothing new here. Also run Nmap to scan all ports to check if we can find something…
