DX2: Hell’s Kitchen TryHackMe Room Walkthrough — Hard Difficulty

MatSec
Jul 23, 2024

Welcome to the DX2: Hell’s Kitchen TryHackMe room walkthrough! This room is a challenging and exciting journey through various stages of enumeration and exploitation, perfect for those looking to enhance their cybersecurity skills. Below is a step-by-step guide to help you navigate this room and gain root access to the system. For a detailed visual guide, make sure to watch the full walkthrough video linked at the end.

Step-by-Step Guide

1. Initial Nmap Scan

First, we start with an Nmap scan to identify open ports on the target system. This helps us understand what services are running and where we might find vulnerabilities.

2. Enumerating JavaScript Files

Next, we move on to enumerating a couple of JavaScript files on a web application. This is where things get interesting. We discover an API endpoint that’s vulnerable to SQL injection. By exploiting this vulnerability, we gain a set of credentials.

3. Logging into Another Web Application

With these credentials in hand, we log into another web application. Here, we find a WebSocket that’s vulnerable to command injection. We use this vulnerability to get a shell on the system.

4. Gaining Shell Access and Enumerating the File System

Once we have shell access, we start enumerating the file system. We come across a password that allows us to pivot to another user on the system.

5. Pivoting to Another User

As this new user, we continue our exploration and discover another set of credentials. These credentials let us pivot to yet another user.

6. Privilege Escalation

Finally, with access as this new user, we find that we can run mount.nfs as the root user with sudo. We use this to escalate our privileges and gain root access to the system.
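
A defender-side check for the misconfiguration in step 6, as an added example that is not part of the original walkthrough: it parses sudoers-style rules and flags any that let a user run a mount helper such as mount.nfs as root. The sample rules, user names and alias name are constructed, and the parser assumes the common rule shape only (command aliases, line continuations, Runas lists, tags).

```python
import re

# Mount helpers: run as root, they let the caller pick what filesystem appears at a path.
RISKY = {"mount", "mount.nfs", "mount.nfs4", "mount.cifs"}

# Constructed sample in sudoers syntax; users and the alias name are hypothetical.
SAMPLE = """\
Cmnd_Alias STORAGE = /usr/sbin/mount.nfs, \\
                     /usr/bin/df
alice ALL=(root) NOPASSWD: STORAGE
bob   ALL=(ALL) /usr/bin/systemctl status nginx
carol ALL=(www-data) /usr/bin/mount
"""

def split_list(s):
    return [c.strip() for c in s.split(",") if c.strip()]

def logical_lines(text):
    """Join backslash continuations; drop comments, blanks and Defaults lines."""
    for line in re.sub(r"\\\n\s*", " ", text).splitlines():
        line = line.split("#", 1)[0].strip()  # simplification: ignores #include and #uid
        if line and not line.startswith("Defaults"):
            yield line

def audit(text):
    """Return (user, command, nopasswd) for each rule granting a mount helper as root."""
    aliases, findings = {}, []
    for line in logical_lines(text):
        m = re.match(r"Cmnd_Alias\s+(\w+)\s*=\s*(.+)", line)
        if m:
            aliases[m.group(1)] = split_list(m.group(2))
            continue
        m = re.match(r"(\S+)\s+\S+\s*=\s*(?:\(([^)]*)\))?\s*(.+)", line)
        if not m:
            continue
        user, runas, spec = m.groups()  # no Runas spec means root by default
        if not {"root", "ALL"} & set(split_list((runas or "root").split(":")[0])):
            continue  # rule cannot run anything as root
        nopasswd = "NOPASSWD:" in spec
        spec = re.sub(r"\b[A-Z_]+:\s*", "", spec)  # strip tags such as NOPASSWD:
        for item in split_list(spec):
            for cmd in aliases.get(item, [item]):  # expand command aliases
                if cmd.split()[0].rsplit("/", 1)[-1] in RISKY:
                    findings.append((user, cmd, nopasswd))
    return findings

if __name__ == "__main__":
    for user, cmd, nopasswd in audit(SAMPLE):
        print(f"{user}: {cmd} as root (NOPASSWD={nopasswd})")
```

Any rule it reports is worth replacing with a fixed mount defined by an administrator (for example an /etc/fstab entry) rather than sudo access to the helper itself.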

It’s a thrilling journey of discovery and exploitation. For a detailed walkthrough, make sure to watch the full video linked below. Don’t forget to like, comment, and subscribe for more cybersecurity content!

Watch the Full Walkthrough
