Hijack -TryHackMe- (Detailed explanation)
<p>Hi, this is a write up for an interesting room from TryHackMe called ‘Hijack’. Hope you like this story. :)</p>
<p>First, use the port scan to the <code>Target-IP</code>, here I use <code>rustscan -a</code> command, here is the output.</p>
<p><img alt="" src="https://miro.medium.com/v2/resize:fit:520/1*_BH3Ga8AM3mob--nA9uZpg.png" style="height:298px; width:473px" /></p>
<p>There are three services are really interesting for the initial lookup. I first checked the ftp and I thought maybe it allows the anonymous login but it failed. Then look into the nfs. Use <code>showmount -e</code> to show any exist directory names.</p>
<p><img alt="" src="https://miro.medium.com/v2/resize:fit:546/1*01wYmwvSH0T5bxHj5jCcLA.png" style="height:125px; width:496px" /></p>
<p>After that, I create a local directory and mount the share folder to local.</p>
<p><a href="https://medium.com/@OwenW_CTF/hijack-tryhackme-detailed-explanation-65e9d2b1a717"><strong>Read More</strong></a></p>