Intermediate level CTF. Just enumerate, you'll get there. #Scanning Here we found open port 21, 80, 10000, and 55007 which run ssh services . #FTP Enumeration It Seems like some kind of rotation cipher. So, I use CyberChef to find out. Ah! Yes. its a ROT13 and this text is decrypted to : Just wanted to see if […]
Boiler_CTF TryHackme Read More »
Billy Joel made a blog on his home computer and has started working on it. It's going to be so awesome! Enumerate this box and find the 2 flags that are hiding on it! Billy has some weird things going on his laptop. Can you maneuver around and get what you need? Or will you
DailyBugle is a CTF Linux box with difficulty rated as “high” on the TryHackMe platform. The machine covers Joomla 3.7.0 SQL injection vulnerability and privilege escalation using yum. Network Scanning Enumeration We have identified a robots.txt file containing an administrator directory. Upon opening this directory we found out that an instance of Joomla was running
daily_bugle TryHackme Read More »
Wonderland is a boot2root CTF challenge that is designed to test your basic penetration testing skills. The machine is vulnerable to a variety of attack vectors, including: To complete the challenge, you will need to find the two flags hidden on the machine. The first flag is located in the /root directory, and the second
Wonderland TryHackme Read More »
The skills to be tested and needed to solve this room are: nmap, GoBuster, privilege escalation, Sudo, find, and gtfobins. This is a free room, which means anyone can deploy virtual machines in the room (without being subscribed)! Created by MrSeth6797 You can access the room at https://tryhackme.com/room/rootme Target Machine IP address can change during the process. Footprinting and Reconnaissance Nmap Scan nmap -A -Pn
Simple_CTF TryHackme Read More »
A ctf for beginners, can you root me? The skills to be tested and needed to solve this room are: nmap, GoBuster, privilege escalation, SUID, find, webshell, and gtfobins. This room was released today, 9/9/2020. Shout-out to the room creator, @reddyyZ. You can access the room at https://tryhackme.com/room/rootme Nmap Scan Run gobuster to look for hidden directories and files on the web server. Visit the hidden
This is a machine that allows you to practise web app hacking and privilege escalation In these set of tasks you'll learn the following: Nmap Scanning Web Application Directory Scan Enumerating the target machine staff.txt contain two username jan and kay Bruteforce ssh with hydra Password found “armando” First we will try to enumerate the
Basic_Pentesting TryHackme Read More »
