Persecure : my learning archive

HTB Mirai

https://app.hackthebox.com/machines/Mirai

Run a nmap scan to find for open ports.

Scanning all the ports.

Webserver does not show anything.

Run a gobuster scan to find for other directories.

Head to the admin page. Seens like a Pi-hole interface.

Search for default credentials.

Default credentials does not work for this interface.

Let’s try logging in via SSH.

Able to gain access via default credentionals.
Able to use sudo everywhere.

First flag is found.

Switch user to root and cat the root.txt file.

Use the df command to find for all devices on the box

Check out the usbstick folder and a clue is given.

Use the strings command to find the flag.

Create a website or blog at WordPress.com