We are continuing with our series on HTB machines. This article contains the walkthrough of an HTB machine called Mirai.
HTB is an excellent platform that hosts machines belonging to multiple OSes. It also has some other challenges as well. Individuals have to solve the puzzle (simple enumeration plus pentest) in order to log into the platform and download the VPN pack to connect to the machines hosted on the HTB platform.
Note: Writeups of only retired HTB machines are allowed. The machine in this article, named Mirai, is retired.
Let’s start with this machine. [CLICK IMAGES TO ENLARGE]
1. Download the VPN pack for the individual user and use the guidelines to log into the HTB VPN.
2. The Mirai machine IP is 10.10.10.48.
3. We will adopt the same methodology of performing penetration testing as we have used in previous tests. Let’s start with enumeration in order to learn as much information about the machine as possible.
4. As usual, let’s start with the Nmap scan to gather more information around the services running on this machine.
<< nmap -sC -sV -oA mirai 10.10.10.48>>
5. As we can see, there are common ports on the machine such as 80, 22 and 53. Looking at port 80, there was nothing on the webpage. Nothing for robots.txt as well.
6. At this time, let’s start the directory brute-forcing with gobuster as below:
<< gobuster -u http://10.10.10.48 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -t 20 >>
7. Since we got a hit on the admin directory, browsing to that directory reveals the below page. This is a pi-hole. It looks like a Raspberry Pi login mapped with the Mirai botnet.
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Security Ninja. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/Ay2IKoj3acs/