TryHackMe: Steel Mountain
6 min read · Jun 18, 2021
A walkthrough.
Start with nmap.
nmap -A -vv target_ip
You will find web servers on ports 80 and 8080.
I did a reverse image search and got the answer.
Another way to do this is to inspect the page and check the image element.
Task 1: Introduction
Who is the employee of the month?
Bill Harper
Task 2: Initial Access
Scan the machine with nmap. What is the other port running a web server on?
8080
Take a look at the other web server. What file server is running?
Rejetto HTTP File Server
What is the CVE number to exploit this file server?
2014-6287
Use Metasploit to get an initial shell. What is the user flag?
set RHOSTS target_ip
set RPORT…