Tryhackme

In this challenge, a short story is provided as the description, along with a machine and multiple questions. We need to solve the questions to complete the challenge. **[email protected]: ** Most people only see a perfectly constructed system. But **you** have always been different. You see not only what is on the surface but also what governs beneath it; the internal correlating mechanisms that regulate and manage each of its modules almost so flawlessly that it attempts conceal all miniscule holes in its multifaceted design. However, these holes still exist, don't they?... Yes, you are still learning, but your greatest weakness is that self-doubt... It continues to hold you back... Do you know where it comes from? Deep down, I know you do. You know something is not right, you just cannot put your finger on it. Well let me tell you. You are living in a dream. One that has been placed over your eyes to blind you from you realising who you could become. Yes… I can sense you know what I am telling you is true... The dilemma is that there are these '**agents**'... Let us call them programs that look like you and me. They seek to spread that virus of **self-doubt**, **disbelief**, and **fear** into the subconsciousness of the few emerging hackers with great potential. Why you ask? It is because minds like yours are a threat to those in control of the 'M4tr1x system'; the artificial, simulated world developed to supress your full senses. We need you in this next war against the machines. But only you can escape from your engineered reality into the real world... I will be waiting on the other side. **-------------------------------------------------------------------------------------------------------------------------------------------------------------------** **[email protected]:** Who are you? Established the Connection Step 1 : Connect to the TryHackMe Network using the command ,sudo openvpn <file.ovpn> . ...

let’s on the machine and start with a nmap scan on the ipaddress. nmap -sVC [machine ip] > nmapscan.txt using this command i scan the ipaddress and write it’s output in nmapscan.txt file. Output of the Scan : Starting Nmap 7.95 ( https://nmap.org ) at 2025-01-28 14:26 +0545 Nmap scan report for [machine ip] Host is up (0.19s latency). Not shown: 998 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.5 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 3072 b0:c5:69:e6:dd:6b:81:0c:da:32:be:41:e3:5b:97:87 (RSA) | 256 6c:65:ad:87:08:7a:3e:4c:7d:ea:3a:30:76:4d:04:16 (ECDSA) |_ 256 2d:57:1d:56:f6:56:52:29:ea:aa:da:33:b2:77:2c:9c (ED25519) 80/tcp open http Apache httpd 2.4.41 ((Ubuntu)) | http-cookie-flags: | /: | PHPSESSID: |_ httponly flag not set |_http-server-header: Apache/2.4.41 (Ubuntu) |_http-title: Login Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 15.10 seconds we can see port 22 and 80 are open and running ssh and http service respectively. ...

let’s on the machine and start with a nmap scan on the ipaddress. nmap -sVC [machine ip] > nmapscan.txt using this command i scan the ipaddress and write it’s output in nmapscan.txt file. Output of the Scan : Starting Nmap 7.95 ( https://nmap.org ) at 2025-01-28 14:26 +0545 Nmap scan report for [machine ip] Host is up (0.19s latency). Not shown: 998 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.5 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 3072 b0:c5:69:e6:dd:6b:81:0c:da:32:be:41:e3:5b:97:87 (RSA) | 256 6c:65:ad:87:08:7a:3e:4c:7d:ea:3a:30:76:4d:04:16 (ECDSA) |_ 256 2d:57:1d:56:f6:56:52:29:ea:aa:da:33:b2:77:2c:9c (ED25519) 80/tcp open http Apache httpd 2.4.41 ((Ubuntu)) | http-cookie-flags: | /: | PHPSESSID: |_ httponly flag not set |_http-server-header: Apache/2.4.41 (Ubuntu) |_http-title: Login Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 15.10 seconds we can see port 22 and 80 are open and running ssh and http service respectively. ...

in this challenge we have to perform enumeration to get shell and escalate the root privilege.let’s deploy the machine. I started network scanning with nmap to see what services are running on the machine.i used nmap -sVC <ipaddress> > nmapscan.txt command to write the output in nmapscan.txt file for safety of information. this is what i got in nmap scan : Starting Nmap 7.95 ( https://nmap.org ) at 2025-01-24 14:30 +0545 Nmap scan report for 10.10.24.36 Host is up (0.20s latency). Not shown: 998 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 4a:b9:16:08:84:c2:54:48:ba:5c:fd:3f:22:5f:22:14 (RSA) | 256 a9:a6:86:e8:ec:96:c3:f0:03:cd:16:d5:49:73:d0:82 (ECDSA) |_ 256 22:f6:b5:a6:54:d9:78:7c:26:03:5a:95:f3:f9:df:cd (ED25519) 80/tcp open http Apache httpd 2.4.29 ((Ubuntu)) | http-cookie-flags: | /: | PHPSESSID: |_ httponly flag not set |_http-title: HackIT - Home |_http-server-header: Apache/2.4.29 (Ubuntu) Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 18.13 seconds We can see two ports, port 22 and port 80 are running ssh and http services respectively. I visit on port 80 to see what’s running on the web server. ...