Have you ever wondered how an IDOR vulnerability can lead to the root access on a remote machine through ssh. You can always LogIn on TryHackMe, go to rooms → meandmygirlfriend Reconnaissance: Initially using the nmap to scan the port of information gathering. I got port 80 and 22 open. When…

Capturing the flag leads to finding LFI vulnerability in the machine. Check out this box at https://tryhackme.com/room/godblessamerica .You can always LogIn on TryHackMe, go to rooms → godblessamerica. Reconnaissance: Initially used nmap for port scanning. I found that port 80 and 2082 are open ports.

Ever wondered what happens to the files that are deleted from the GitHub repository but can pose a threat to your organization. Creating large attacking space for a malicious actor to get root access to the machine! Checkout this CMS based Splunk vulnerability that has been exploited in this CTF TryHackMe…

Can you capture the root flag in the vulnerable machine? Check out the box https://tryhackme.com/room/tr0ll3tuur . You can always LogIn on TryHackMe, go to rooms → tr0ll3tuur. A lot of pivoting upcoming Reconnaissance Nmap to find out all the services and open ports. I reckon the only interesting port was 22…

Can you capture all the flags in the vulnerable machine? Check out the box https://tryhackme.com/room/defensespace. You can always LogIn on TryHackMe, go to rooms → defensespace. Information Gathering: Nmap scan revealed that there are 3 ports open: Port 21, port 80 and port 443. SSL certificate has flag 3 embedded…

Can you root this CMS based vulnerable machine? This CTF will test your enumeration skills and patience. TryHackMe has this amazing box here: https://tryhackme.com/room/goldeneyess. You can always LogIn on TryHackMe, go to rooms → goldeneyess. Enumeration: Nmap helps me gather information on the open ports. Port 80 and 25 are…

Can you root this Wordpress style, SQL injection vulnerable machine? This CTF is about SQL Injection and Wordpress hacking. Developers watch out for the website!! TryHackMe has this amazing box here: https://tryhackme.com/room/freshly. You can always LogIn on TryHackMe, go to rooms → freshly. Information Gathering: Nmap helps me gather information on…

Can you root this Wordpress style machine? This CTF is all about hacking Wordpress. Developers watch out for this one!! TryHackMe has this amazing box at : https://tryhackme.com/room/webdeveloper. You can always LogIn on TryHackMe, go to rooms → webdeveloper. 1. Enumeration Let’s find out the open ports on the machine. Port…

Checkout this virtual machine on TryHackMe. LogIn on TryHackMe, go to rooms → raven2uy. Link: https://tryhackme.com/room/raven2uy Information Gathering: Let’s connect to target machine in TryHackme, using nmap on the virtual machine to collection information on the open ports. I head straight to website to find what’s it like on the webpage…