Room Created by MuirlandOracle


Enumeration

Let's start with the nmap scan.

nmap -Pn -sV -sC 10.10.111.18 -vvv


As we can see, 3 open ports were found: 21, 22 and 80. FTP is not allowing me to log in as anonymous, so let’s move on to the web app.

Since port 80 is open, let's look for directories.

gobuster -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt dir -u http://10.10.111.18


I found a directory called “assets”. Let’s look into that.


The “style.css” file has an interesting hit mentioning a secret directory. Let’s check it out. We were asked to turn off JavaScript, and when we hit OK, the page redirected to a Rick Roll.
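As an added example (not part of the original write-up or the room's own code): a small pre-deployment check a site owner could run over stylesheets to catch comments that disclose paths, like the one found in style.css here. The sample stylesheet, the path in it and the keyword list are constructed for illustration.

```python
import re

# Matches /* ... */ comments, including multi-line ones.
COMMENT_RE = re.compile(r"/\*(.*?)\*/", re.DOTALL)
# Path-like tokens: a slash, a name, optional nesting, optional extension or trailing slash.
PATH_RE = re.compile(
    r"(?<![\w:/.])/[A-Za-z0-9_\-]+(?:/[A-Za-z0-9_\-]+)*(?:\.[A-Za-z0-9]+|/)?"
)
# Assumed keyword list: words that suggest a note to a person, not a styling remark.
HINT_RE = re.compile(r"\b(secret|hidden|admin|backup|password|todo|flag)\b", re.I)


def audit_css(text):
    """Return one finding per comment that mentions a path or a sensitive keyword."""
    findings = []
    for m in COMMENT_RE.finditer(text):
        body = m.group(1)
        paths = PATH_RE.findall(body)
        hints = sorted({h.lower() for h in HINT_RE.findall(body)})
        if paths or hints:
            # 1-based line number of the comment's opening "/*".
            line = text.count("\n", 0, m.start()) + 1
            findings.append({"line": line, "paths": paths, "keywords": hints})
    return findings


def strip_comments(text):
    """Return the stylesheet with all comments removed, as it should be served."""
    return COMMENT_RE.sub("", text)


# Constructed sample stylesheet (not the room's actual file).
SAMPLE_CSS = """body { margin: 0; }
/* layout for the header */
h1 { color: #333; }
/* Note to self: the hidden page lives at
   /example-private-page.php for now */
a { background: url(/img/bg.png); }
"""

if __name__ == "__main__":
    for finding in audit_css(SAMPLE_CSS):
        print(finding)
```

Only comment bodies are inspected, so legitimate `url(...)` references in rules are not flagged; serving the output of `strip_comments` (or any minifier) removes the leak entirely.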


Let’s turn off JavaScript and see what we got.