Agent T - TryHackMe
Something seems a little off with the server.
Recon
First, I did an Nmap scan for open ports and services.
nmap -sC -sV -oA nmap/agent 10.10.36.157
There is only one port open with PHP server 5.5.
I checked the website for further enumeration. Wappalyzer identifies the website as using PHP version 8.1.0.
Exploit
I looked for a PHP 8.1.0 exploit. I found this exploit on Exploit-DB.
After executing the exploit I got a shell. Success!!
Flag
I couldn’t move around that much. I checked the directory and didn’t find the flag.
I searched for the flag file and catted the file directly.