Hack The Box Jerry WalkThrough
The first step is to perform enumeration on the box using nmap
Seems like we got a web application run on apache tomacat
from the 3 main function “Manager app” links looks interesting. Clicking on it we get a dialogue box for authentication.
We can try the default credentials “admin” & “admin” as username and password. The credential failed but we got user credentials in the error message.
We logged in using the credentials and see a field where we can upload malware and perform an exploit
We looked into metasploit of they have any exploit for the manager upload exploit we can see that there is an exploit
“exploit/multi/http/tomcat_mgr_upload”
we selected the exploit and entered the credentials, RPORTand LHOST and RHOSTS into the options
We gained meterpreter shell into the box and checked the user we own
Now we traverse the whole system to find the text files containing
We see that we found a file within the flag folder on desktop we cas use the below command to view the file
type “2 for the price of 1.txt”