Posts

Showing posts from July, 2020

Blog write-up THM

Another week, another write-up. Blog is a medium difficulty room created by Nameless0ne on tryhackme.com:- https://tryhackme.com/room/blog

I'll try my best to explain all the tools and methodologies. The goal of this room is to teach:-
  WordPress enumeration
  Gaining a shell using a unique vulnerability for a specific WordPress version
  Getting root privileges using a very creative vulnerability

So let's get started. After starting up the room, the first thing we always do is run an nmap scan to see all the open ports and services running on the machine.

nmap -sC -sV <machine-IP> -oN nmapscan

  -sC:- is used for a script scan
  -sV:- shows us the version of all the services running
  -oN:- stores the result in a file with .nmap format

And by the result we can see:-

PORT     STATE      SERVICE
22       open       ssh
80      ...

Daily Bugle Write up

Hello fellow hacker, today I'm going to help you solve the machine Daily Bugle on TryHackMe:- https://tryhackme.com/room/dailybugle

So let's begin. The main objectives of this machine are to:-
  Compromise the Joomla CMS via a SQL injection vulnerability
  Crack a hash using a tool called John the Ripper
  Take advantage of a binary called 'yum' that allowed for privilege escalation

First step: we begin by running an nmap scan against the target machine:-

nmap -sC -sV <target-machine-IP> -oN nmapscans

  -sC :- this flag runs a script scan on the target machine
  -sV :- this flag detects services and versions of services running on the machine
  -oN :- this flag allows us to save the result for future reading

As the result shows there's:-

PORT       STATE    SERVICE
------------------------------------------
22/tcp     open     ssh
80/tcp     open     http
3306/tcp   open   ...

Avengers Write up

Hello there fellow avenger, today I will help you walk through the Avengers machine on TryHackMe:- https://tryhackme.com/room/avengers

It is a fairly easy machine, so let's begin. Avengers Assemble!!

Problem 1:- Cookies

There were 2 ways to get this flag; checked the page source and got a hint:- and then we can open the /js/script.js URL to get flag1:-