RootMe - Install File

RootMe challenge walkthrough - Install File

Mission
Find the password to solve the challenge.

Analysis

  • The challenge starts with an empty page (no visible content).
  • Inspecting the page source reveals an HTML comment:
    <!-- /web-serveur/ch6/phpbb -->

    This hints at a hidden directory (likely a phpBB forum installation path).

Solution steps

  1. Navigate to the hinted path:
    http://challenge01.root-me.org/web-serveur/ch6/phpbb/
    → Another empty page appears.

  2. Run directory enumeration with dirsearch:
    dirsearch -u http://challenge01.root-me.org/web-serveur/ch6/phpbb/

    → Key finding: 200 response for /web-serveur/ch6/phpbb/install/ (12KB).

  3. Access the installation directory:
    http://challenge01.root-me.org/web-serveur/ch6/phpbb/install/
    → Lists files, including install.php.

  4. Open install.php directly in your browser:
    → The script is still accessible (common post-installation misconfiguration).
    → It displays the hardcoded password or flag for the challenge.
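
A defender-side check for the misconfiguration this walkthrough relies on (an installer directory left in place after setup), as an added example that is not part of the original post: it scans a web root on disk for leftover installer scripts. The directory names, script names and sample tree are assumptions constructed for illustration.

```python
"""Audit a web root for installer directories left behind after setup."""
import os
import tempfile

# Assumed name: directory an installer typically lives in (matches the path in this post).
INSTALLER_DIRS = {"install"}
# Assumed names: entry-point scripts commonly found inside such a directory.
INSTALLER_SCRIPTS = {"install.php", "index.php"}


def find_leftover_installers(docroot):
    """Return sorted docroot-relative paths of installer scripts still on disk."""
    findings = []
    for current, dirs, files in os.walk(docroot):
        if os.path.basename(current).lower() not in INSTALLER_DIRS:
            continue
        for name in files:
            if name.lower() in INSTALLER_SCRIPTS:
                full = os.path.join(current, name)
                findings.append(os.path.relpath(full, docroot).replace(os.sep, "/"))
        dirs[:] = []  # no need to descend further into the installer directory
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample layout: one board with install/ left in place, one cleaned up."""
    layout = [
        "ch6/phpbb/index.php",
        "ch6/phpbb/install/install.php",
        "ch6/phpbb/install/schema.sql",
        "clean/forum/index.php",
    ]
    for rel in layout:
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("<?php // placeholder\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for hit in find_leftover_installers(tmp):
            print("leftover installer script:", hit)
```

Any path it reports should be deleted, moved out of the web root, or denied in the web server configuration before the application goes live.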

Finished. Happy Hacking!

This post is licensed under CC BY 4.0 by the author.