Home ยป Tags

Diamorphine Rootkit

Athena

THM | Athena | Medium

This post is a walkthrough of the Try Hack Me room Athena Intro Break all security and compromise the machine. Are you capable of mastering the entire system and exploiting all vulnerabilities? NMAP Scan # Nmap 7.94 scan initiated Sat Sep 16 14:50:30 2023 as: nmap -sVC -T4 -p- -vv -oA nmap/all-tcp-ports 10.10.138.143 Nmap scan report for athena.thm (10.10.138.143) Host is up, received reset ttl 63 (0.018s latency). Scanned at 2023-09-16 14:50:31 IST for 25s Not shown: 65531 closed tcp ports (reset) PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack ttl 63 OpenSSH 8.2p1 Ubuntu 4ubuntu0.5 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 3072 3b:c8:f8:13:e0:cb:42:60:0d:f6:4c:dc:55:d8:3b:ed (RSA) | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCqrhWpCkIWorEVg4w8mfia/rsblIvsmSU9y9mEBby77pooZXLBYMvMC0aiaJvWIgPVOXrHTh9IstAF6s9Tpjx+iV+Me2XdvUyGPmzAlbEJRO4gnNYieBya/0TyMmw0QT/PO8gu/behXQ9R6yCjiw9vmsV+99SiCeuIHssGoLtvTwXE2i8kxqr5S0atmBiDkIqlp+qD1WZzc8YP5OU0CIN5F9ytZOVqO9oiGRgI6CP4TwNQwBLU2zRBmUmtbV9FRQyObrB1zCYcEZcKNPzasXHgRkfYMK9OMmUBhi/Hveei3BNtdaWARN9x30O488BmdET3iaTt5gcIgHfAO+5WzUPBswerbcOHp2798DXkuVpsklS9Zi9dvpxoyZFsmu1RoklPWea+rxq09KRjciXNvy+jV8zBGCGKwwi62nL9mRyA5ZakJKrpWCPffnEMK37SHL0WqWMRZI4Bbj2cOpJztJ+5Ttbj5wixecnvZu8hkknfMSVwPM8RqwQuXtes8AqF6gs= | 256 1f:42:e1:c3:a5:17:2a:38:69:3e:9b:73:6d:cd:56:33 (ECDSA) | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPBg1Oa6gqrvB/IQQ1EmM1p5o443v5y1zDwXMLkd9oUfYsraZqddzwe2CoYZD3/oTs/YjF84bDqeA+ILx7x5zdQ= | 256 7a:67:59:8d:37:c5:67:29:e8:53:e8:1e:df:b0:c7:1e (ED25519) |_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBaJ6imGGkCETvb1JN5TUcfj+AWLbVei52kD/nuGSHGF 80/tcp open http syn-ack ttl 63 Apache httpd 2.4.41 ((Ubuntu)) |_http-server-header: Apache/2.4.41 (Ubuntu) |_http-title: Athena - Gods of olympus | http-methods: |_ Supported Methods: POST OPTIONS HEAD GET 139/tcp open netbios-ssn syn-ack ttl 63 Samba smbd 4.6.2 445/tcp open netbios-ssn syn-ack ttl 63 Samba smbd 4.6.2 Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Host script results: | smb2-security-mode: | 3:1:1: |_ Message signing enabled but not required | p2p-conficker: | Checking for Conficker.C or higher... | Check 1 (port 9973/tcp): CLEAN (Couldn't connect) | Check 2 (port 41780/tcp): CLEAN (Couldn't connect) | Check 3 (port 35605/udp): CLEAN (Failed to receive data) | Check 4 (port 36277/udp): CLEAN (Failed to receive data) |_ 0/4 checks are positive: Host is CLEAN or ports are blocked | nbstat: NetBIOS name: ROUTERPANEL, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> (unknown) | Names: | ROUTERPANEL<00> Flags: <unique><active> | ROUTERPANEL<03> Flags: <unique><active> | ROUTERPANEL<20> Flags: <unique><active> | \x01\x02__MSBROWSE__\x02<01> Flags: <group><active> | SAMBA<00> Flags: <group><active> | SAMBA<1d> Flags: <unique><active> | SAMBA<1e> Flags: <group><active> | Statistics: | 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 | 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 |_ 00:00:00:00:00:00:00:00:00:00:00:00:00:00 |_clock-skew: 0s | smb2-time: | date: 2023-09-16T13:50:56 |_ start_date: N/A Read data files from: /usr/bin/../share/nmap Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . # Nmap done at Sat Sep 16 14:50:56 2023 -- 1 IP address (1 host up) scanned in 25.77 seconds Notes from NMAP ...

September 17, 2023 at 12:09 GMT ยท 7 min