Link: https://tryhackme.com/room/source
#1 “user.txt“
#2 “root.txt“
Use nmap to find open ports:
nmap -sCV 10.10.207.9
![](https://niekdang.wordpress.com/wp-content/uploads/2021/05/image-77.png?w=849)
Access: https://10.10.207.9:10000/
![](https://niekdang.wordpress.com/wp-content/uploads/2021/05/image-79.png?w=334)
So this web use Webmin, there is a CVE we can use, CVE-2019-15107.
We just need to use metasploit for this room.
![](https://niekdang.wordpress.com/wp-content/uploads/2021/05/image-81.png?w=1015)
Use this exploit and set RHOSTS, LHOST and SSL (true). Run and we will get two flags.
/home/dark/user.txt
/root/root.txt