This is the write-up for TryHackeMe’s room named Year Of the Fox.
This room can be found here:- https://tryhackme.com/room/yotf
# Identify the list of services running on the target machine
sudo nmap -sS -Pn -T4 -p- 10.10.54.128
# Perform further information gathering on the open ports identified above
sudo nmap -O -A -Pn -T4 -p80,139,445 10.10.54.128
Lets explore more by opening the web-page at port 80
We can try some common usernames and passwords, but in our case those didn’t work. Let us capture the login request in Burp Suite and send it to repeater to analyse further:
So we are up against Basic Authentication and hint is that we need to guess the password.
We will use enum4linux next generation script to enumerate usernames. This script can be found here- https://github.com/cddmp/enum4linux-ng:
/opt/tools/enum4linux-ng/enum4linux-ng.py -R 10.10.54.128