SBN

Hack the Box (HTB) Machines Walkthrough Series — Mirai

We are continuing with our series on HTB machines. This article contains the walkthrough of an HTB machine called Mirai.

HTB is an excellent platform that hosts machines belonging to multiple OSes. It also has some other challenges as well. Individuals have to solve the puzzle (simple enumeration plus pentest)  in order to log into the platform and download the VPN pack to connect to the machines hosted on the HTB platform.

DevOps Connect:DevSecOps @ RSAC 2022

Note: Writeups of only retired HTB machines are allowed. The machine in this article, named Mirai, is retired.

The Walkthrough

Let’s start with this machine. [CLICK IMAGES TO ENLARGE]

1. Download the VPN pack for the individual user and use the guidelines to log into the HTB VPN.

2. The Mirai machine IP is 10.10.10.48.

3. We will adopt the same methodology of performing penetration testing as we have used in previous tests. Let’s start with enumeration in order to learn as much information about the machine as possible.

4. As usual, let’s start with the Nmap scan to gather more information around the services running on this machine.
<< nmap -sC -sV -oA mirai 10.10.10.48>>

5. As we can see, there are common ports on the machine such as 80, 22 and 53. Looking at port 80, there was nothing on the webpage. Nothing for robots.txt as well.

6. At this time, let’s start the directory brute-forcing with gobuster as below:
<< gobuster -u http://10.10.10.48 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -t 20 >>

7. Since we got a hit on the admin directory, browsing to that directory reveals the below page. This is a pi-hole. It looks like a Raspberry Pi login mapped with the Mirai botnet.

8. Looking more into Raspberry common credentials, we found out (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Security Ninja. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/Ay2IKoj3acs/