Watcher — TryHackMe

0xsanz
7 min readFeb 18, 2021

Write-up for Watcher — another TryHackeMe’s room which is a boot2root Linux machine utilizing web exploits along with some common privilege escalation techniques.This room can be found here:-

https://tryhackme.com/room/watcher

As usual, let’s start with our enumeration process with nmap.

Enumeration

NMAP

# Identify the list of services running on the target machine
⇒ sudo nmap -sS -Pn -T4 -p- 10.10.0.46

┌──(kali㉿kali)-[/tmp]
└─$ sudo nmap -sS -Pn -T4 -p- 10.10.0.46 130 ⨯
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2021-02-17 17:01 EST
Nmap scan report for 10.10.0.46
Host is up (0.071s latency).
Not shown: 65532 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 19.84 seconds

# Perform further information gathering on the open ports identified above
⇒ sudo nmap -O -A -Pn -T4 -p21,22,80 10.10.0.46

┌──(kali㉿kali)-[/tmp]
└─$ sudo nmap -O -A -Pn -T4 -p21,22,80 10.10.0.46
Host discovery…

--

--

0xsanz
0xsanz

Written by 0xsanz

Software Developer having keen interest in Security, Privacy and Pen-testing. Certs:- Security+,PenTest+,AZ900,AZ204,AZ500

No responses yet