THM - Lookup

Francesco Pastore
7 min read · Nov 24, 2024

A writeup for the room Lookup on TryHackMe.

User flag

Footprinting

We can start by doing a scan with nmap.

The scan shows that only ports 22 and 80 are open.

Looking more closely at the web server, we can see that it is running Apache and that the associated domain is lookup.thm.

After adding the domain to the hosts file, we can see the related homepage.

The website consists only of a login form, with no other pages and nothing useful in the source code.

Analyzing the login page

Common credentials do not work, and no SQL injection turns up, even with sqlmap.

Gobuster with common wordlists also finds no subdirectories or subdomains.

gobuster vhost -u http://MACHINE_IP --domain lookup.thm…
