Let's find open ports with rustscan to finish the service scan faster.

 

 

Then let's scan for running ports with the -p command.

 

 

We see that the http service is running on port 10000. Webmin was working..

 

Let's go to the website.

 

 

When we go to the website, it says that the web service operates in SSL mode.

 

 

There is nothing useful in the source code either.

 

 

Let's search for exploit for webmin in Msfconsole

 

 

 

The site runs in SSL mode. do not forget to set the SSLCert value to true.

 

 

Once we make the settings, we can run it.

 

Oh we entered the machine as root.

 

 

The commands seem to run on a single line and reset.

 

Then we can run the commands we will write in a single line

 

 

Now it's the root flag's turn.