Solving Lookup – TryHackMe Challenge Writeup
Complete walkthrough of Lookup room on TryHackMe: form brute-forcing, elFinder CVE and 2 Linux misconfigurations lead us to the root flag.
TryHackMe Challenge
Solving Basic Pentesting – TryHackMe Challenge Writeup
Full walkthrough of the TryHackMe Basic Pentesting room: web enumeration, SMB usernames, SSH access and SSH private key brute-force.
RootMe Writeup – Full TryHackMe CTF Solution
Full walkthrough of RootMe: reconnaissance, getting a PHP shell then a reverse shell, and elevating our privileges through a SUID misconfiguration
Corridor Writeup – TryHackMe IDOR Challenge
Full walkthrough of the Corridor Challenge on TryHackMe. We find the flag by exploiting IDOR through a MD5 id in the URL of the web app.
Lo-Fi Writeup on TryHackMe – File Inclusion
This writeup covers the solution of Lo-Fi room on TryHackMe. A PHP File Inclusion along with path traversal allow us to read the flag.
TryHackMe TakeOver Writeup – Subdomain Challenge
Full writeup of TakeOver from TryHackMe. Subdomain enumeration and TLS certificate inspection leads to the discovery of a secret subdomain
TryHackMe “Agent T” Writeup – Easy Challenge
Writeup of TryHackMe challenge “Agent T”. We exploit the backdoored version of PHP 8.1.0-dev to get Code Execution and read the flag.
TryHackMe Compiled Challenge – Writeup
This writeup shows how to solve the TryHackMe challenge “Compiled”, by extracting the flag from the strings of a compiled program
Lazy Admin Writeup – TryHacKme Challenge
In this post, we solve the Lazy Admin CTF from TryHackMe by exploiting 2 CVE of SweetRice CMS and a sudo misconfiguration to get root.
Pickle Rick Writeup – Easy TryHacKme CTF
Pickle Rick is a very easy TryHackMe CTF. We complete it by accessing a web portal, getting a reverse shell and exploiting sudo to become root.