Mustacchio
Mustacchio Walkthrough
Welcome to the room, it's my first write up but hopefully this can be helpful to someone that's struggling!
Let's start with some basic enummeration. nmap -sV -p- T4 24/06/2023 14:3110.10.201.205 -vv -O scan.txt
Great!
We have 3 open ports 22, 80 and 8765, let's visit the website and poke around.
At this point it's also a good idea to look for other directories on the site that might not be obviously with some sort of fuzzer like gobuster
gobuster dir -u 10.10.15.84 -w /usr/share/wordlists/dirb/common.txt
Hmm we have two potential pages, robots.txt
and custom
let's try robots.txt It's got nothing a dead end...
Ok onto custom
users.bak sounds interesting let's try and open it!
We need to first figure out what it is so we run file users.bak
Great it looks like a database backup, lets try and open it with SQLite3
Looks like a login!
Let's try that port we found earlier out and see if there's a login page
Last updated
Was this helpful?