THM Writeup: Source

I did a nmap scan against the target and uncovered these open ports. 22/tcp open ssh OpenSSH 7.6p110000/tcp open http MiniServ 1.890 (Webmin) Now to the enumeration stage. I decided to go with the port 10000. If you do a search on Metasploit about MiniServ 1.890. There would be an interesting exploit that will show up. Ok looks nice now […]

THM Writeup: Psycho Break

[ Tasks ] The Nmap scan reveals that there are 3 ports open Let’s take a look at port 80. Check out the page source you will find a directory called “/sadiestRoom” mentioned in a comment. Grab the locker room key Ok, now it’s time to go to the next room which is the Locker Room before the poor guy […]

THM Writeup: Lian Yu CTF

Setup your VPN to tryhackme VPN and startup the target machine and let’s get started.Scanned the target IP with Nmap and found 4 open ports. Now that we have found port 80 open we know that there is a web server running. Now to scan for any directories on the webserver. I used gobuster with the wordlist of common.txt (Dirb […]

THM Writeup: LFI

Hey folks, what’s up. Today we’re taking a look at the LFI room. This room is intended to get you warmed up to exploit LFI vulnerabilities. ====================================== Spoiler Alert If you are a beginner at LFI try to do the challenge yourself if you are stuck at any point you can read the writeup. ====================================== Let’s get started. Since this […]

THM Writeup: Jack-of-All-Trades

Ok first of all I started with a Nmap scan. Discovered 2 open ports. But the services look wired because port 22 usually runs ssh while port 80 runs a web server. I tried accessing port 22 on my browser (firefox) and there was an error msg. Port 22 is a network port and by default, browsers don’t allow to […]

THM Writeup: CTF collection Vol.1

[ Task 2 ] What does the base said? This is a base64 encoded string. You can recognize it with the equals (=) at the end. [ Task 3 ] Meta meta This task requires you to download a normal jpg image file. You can use the strings command to show all the printable characters from a file. I used […]

THM Writeup: Hydra

I am going to be continuing from the task 2 box. The target IP has an HTTP login page on it. The objective of challenge 1 is to find user molly’s password. To brute force with hydra, you will need the POST request that is being sent to the server for the login attempt. To get the POST request I […]

THM Writeup: Madness CTF

Startup the target machine and jump into the challenge.I did a Nmap scan against the machine I found 2 open ports. I managed to visit the webserver running and I found a default apache page I did a gobuster scan with common.txt (dirb default wordlist) but couldn’t find much useful information. So I managed to check the source code of […]

THM Writeup: Startup

As always start with a port scan against the target. I used nmap: Now let’s move on to the port 80 HTTP website. Start with a web directory scan to identify the web files/directories. There is a directory called “/files”. http://[Target Ip]/files Here’s what the note says: Huh, Maya might be a potential username. So let’s keep a note of […]