[TryHackMe] Marketplace Walkthrough – How I Pulled Off a Cookie Heist to Become an Admin of the Target Website

CHALLENGE OVERVIEW BACKGROUND In this box, we are tasked with pen-testing an internal server to check for bugs before releasing it to the public. Judging by the tags on this box, we will execute some cross-site scripting and pull off a bit of SQL command injection. Let’s get started! ENUMERATION/RECON export myIP= export targetIP= 💡 … Read more

TryHackMe Linux PrivEsc – Magical Linux Privilege Escalation (2/2)

CHALLENGE OVERVIEW BACKGROUND Welcome back to part II of this Linux privilege escalation series. You can find part 1 of this mini-series here: 👉 Recommended: TryHackMe Linux PrivEsc – Magical Linux Privilege Escalation (1/2) In this tutorial, we’ll try some additional “magical” methods of gaining root access in tasks 11-21. Buckle in, and let’s get … Read more

Enum4Linux – Foothold Into the Target Machine (TryHackMe)

💡 Enum4linux is a software utility designed to extract information from both Windows and Samba systems. Its primary objective is to provide comparable functionality to the now-defunct enum.exe tool, which was previously accessible at www.bindview.com. Enum4linux is coded in PERL and essentially functions as an interface for the Samba toolset, including smbclient, rpclient, net, and … Read more

TryHackMe – How I Used WPScan to Extract Login Credentials (WordPress)

CHALLENGE OVERVIEW BACKGROUND This CTF challenge is another blackbox-style pentest where we don’t know anything about our target other than the IP address. We will have to discover ports and services running on the server with our standard pentesting tools like nmap and dirb scan. We also don’t have any inside information about the backend … Read more

TryHackMe Linux PrivEsc – Magical Linux Privilege Escalation (1/2)

CHALLENGE OVERVIEW BACKGROUND Using different exploits to compromise operating systems can feel like magic (when they work!). In this walkthrough, you will see various “magical” ways that Linux systems can be rooted. These methods rely on the Linux system having misconfigurations that allow various read/write/execute permissions on files that should be better protected. In this … Read more

[TryHackMe] Skynet Walkthrough Using Remote File Inclusion

🔐 How I used a remote file inclusion vulnerability to hack and root the Terminator’s computer CHALLENGE OVERVIEW BACKGROUND In this walkthrough, we will root a terminator-themed capture-the-flag (CTF) challenge box. IPs ENUMERATION NMAP SCAN RESULTS Starting Nmap 7.92 ( https://nmap.org ) at 2023-01-23 18:33 EST Stats: 0:00:02 elapsed; 0 hosts completed (1 up), 1 … Read more