Your challenge is to use the tools listed below to enumerate a server, gathering information along the way that will eventually lead to you taking over the machine.
This task requires you to use the following tools:
- Dirbuster
- Hydra
- Nmap
- Nikto
- Metasploit
First thing we are going to do on this machine is to enumerate with nmap to find any open ports/services
Next step we are going to look for any directories (it states to use Dirbuster but I prefer gobuster)
The directory we find is guidelines (also Protected)
With port 80 open and /guidelines available, lets go ahead and navigate there
We now have a potential username Bob
The directory that has basic authentication appears to be /protected
finding Bob’s password, well need to run Hydra
Next we want to locate the other open port and the service/version associated
We are now going to jump into Metsploit and search for any exploits relating
Searching through metasploit we located the tomcat_mgr_upload
With the options available we are going to set the username, psasword, and Rhost
After entering info (eventually as seen below), we get a meterpreter shell!
Got our flag!