Solving Lookup – TryHackMe Challenge Writeup
Complete walkthrough of Lookup room on TryHackMe: form brute-forcing, elFinder CVE and 2 Linux misconfigurations lead us to the root flag.
Full walkthrough of the TryHackMe Basic Pentesting room: web enumeration, SMB usernames, SSH access and SSH private key brute-force.
Full walkthrough of RootMe: reconnaissance, getting a PHP shell then a reverse shell, and elevating our privileges through a SUID misconfiguration.
Full walkthrough of the Corridor Challenge on TryHackMe. We find the flag by exploiting IDOR through an MD5 ID in the URL of the web app.
Full writeup of TakeOver from TryHackMe. Subdomain enumeration and TLS certificate inspection lead to the discovery of a secret subdomain.
In this post, we solve the Lazy Admin CTF from TryHackMe by exploiting 2 CVEs in SweetRice CMS and a sudo misconfiguration to get root.
Pickle Rick is a very easy TryHackMe CTF. We complete it by accessing a web portal, getting a reverse shell and exploiting sudo to become root.
Learn how to master ffuf, from discovering hidden directories and files to revealing virtual hosts. Ffuf is a fast, reliable, simple and flexible web pentesting tool.
Pyrat is an easy TryHackMe challenge where we exploit a Python code execution and use a .git folder to further compromise the server.
Conversor is an easy Linux Hack The Box machine, where we exploit XSLT injection to get a shell and use a needrestart CVE to get root access.