[TryHackMe] Marketplace Walkthrough – How I Pulled Off a Cookie Heist to Become an Admin of the Target Website
CHALLENGE OVERVIEW BACKGROUND In this box, we are tasked with pen-testing an internal server to check for bugs before releasing it to the public. Judging by the tags on this box, we will execute some cross-site scripting and pull off a bit of SQL command injection. Let’s get started! ENUMERATION/RECON export myIP=10.10.129.195 export targetIP=10.10.163.156 💡 … Read more