THM Writeup: TheValley

TheValley

Recon

A simple Rustscan shows us that there are 3 ports open.

     

We see that port 22 is for SSH, port 80 is for the web server, and port 37378 is for FTP based on the version scan from NMAP:

Trying to connect to the FTP server results in nothing.

So we start looking on the web server.

Initial Foothold

We run Gobuster, and find the following directories:

all of which we look around but don't notice anything interesting off the bat (using both ZAP and viewing the source code).
However, we find something interesting when we run Gobuster on one directory lower (on the /static directory).
So we go to `/00` and find that it has a note:
so we navigate to the directory /dev1243224123123 and find a login page

and viewing the source page, we see the login username and password in the dev.js script!

Logging in, it says that the credentials are re-used with FTP. So we take the same credentials and use it for FTP:


and we transfer those files to our computer for further analysis.

We open the files in Wireshark. The first file doesn't yield much. Except that we know that there is a directory at:

Looking further at the other PCAP files we filter for HTTP and finally find a login.

and we just re-use these credentials for SSH:


















Comments

Post a Comment

Popular posts from this blog

2023 - Letter to Omar

Image
Hi Omar! You might be the only one reading this, or you might not. If you aren't me and you are reading this, then welcome. I thought I would write a reflection on how my year went. In a similar fashion to how Bill Gates or Warren Buffet writes annual shareholder letters, I'd like to also write a letter. But since I have no shareholders, I've decided to write a letter to myself. So here goes! If I could summarize this year in one word, it would be the word change.  The changes in my life that Omar in 2022 could have never imagined. Starting out in 2023, I was still completing my courses for my masters at Simon Fraser University. I had just gotten back from my co-op in Ottawa, and I was just phoning it in for the last semester. For the first time in my life, I learned how to snowboard! It was an amazing experience with my then-girlfriend J - and I can proudly call myself a beginner snowboarder now! During that last semester, all my friends around me were looking for jobs. In
Read more

Importance of silence

Image
Reflection on this past month It's coming to the end of April! April showers bring May flowers -- as they usually say. What I'm seeing is more showers + flurries. Never in my life would I have imagined that it would snow almost in May! Back in Vancouver, it was mostly just rain with the occasional sun that would pop out.  --- I really do miss the rain. I'd love to just work while it's thunderstorming outside. I want to feel like I'm forced indoors, in a cozy environment drinking my warm mocha, while programming or just writing away.  Life this past month has been exciting! I've been going out more, taking on more things to do in both my personal life and work life, and overall just trying to put myself out there. Life is becoming colourful again. Meeting new people, making new friends, and getting new perspectives on life. I found myself starting to have random chitchat with strangers these days. Whether it's to feel a sense of connectedness, or just a frien
Read more

got a new computer

zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz, i got a new computer!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! intel i5!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Read more