This is my very first write-up that I want to offer to newcomers as I was not long ago one myself. I’ve been in the hacking scene since late 2020, so my experience is limited — but growing fast every single day. Since I started in this scene, I have found TryHackMe (THM) to be the most efficient and fun way to learn, by gamifying your experience which ultimately facilitates learning different hacking concepts. There are other sites out there that offer similar cybersecurity training such as Hack The Box, but THM will always be my favorite. ❤
Very straightforward box - beginner-intermediate friendly - focusing on minor port enumeration, looking at web page source code, finding creds by cracking a hash found on Google, and then exploiting XXE to gain a foothold. Privilege escalation was very straightforward by exploiting a SUID with our PATH variable. The XXE can be a bit tricky if done entirely through Burp Suite, or so I found… but other than that — nice clean easy box.
This room can be found here: https://tryhackme.com/room/mustacchio
First start with an nmap scan of all ports:
nmap -p- -vv <ip>
Good day fellow hackers,
I just recently passed the eJPT exam and have achieved my very first certification in the field and, after sharing my achievement on Twitter, someone wrote to ask me if I was going to share this journey. Originally I was hesitant as I still consider myself a n00b, but figured hey — I always love reading others’ experiences, especially those from people with little or no professional background in IT, so it’s my turn to contribute as one from this demographic.
I’ll separate my experience into four parts:
Room link: https://tryhackme.com/room/lunizzctfnd
This was an interesting box as there were several ways of gaining root, some of them easier than others. I still enjoyed it, but if I were to try the ‘intended’ way, I don’t think I would have been successful.
DO NOT READ ON IF YOU WANT THE INTENDED SOLUTION, this is an alternate *easier* way of gaining root.
To start, we will begin by enumerating the box with Nmap. We see ports 22, 80, 3306, 4444 and 5000 are open. …
This was a very fun room, and the first medium difficulty room I took a stab at without referring to anyone else’s write-up. This is on the easier end of the medium difficulty boxes, but nonetheless you explore quite a few basic concepts such as LFI, RCE, and PrivEsc. There are a LOT of reverse shells in this one, so a handy cheat sheet is PayloadsAllTheThings.
Great practice for the seasoned CTF’er (I would assume!).
I’d give this one a 4/10 for difficulty, in my own humble opinion.
Let’s start by deploying the VM.
Running Nmap shows us 3x open ports: 21…
This room will teach you several topics such as: RCE, PrivEsc Race Conditions and how to exploit them. There’s a very nifty video that I will link later on in the walkthrough in order to follow on for the Priv Esc part and how to exploit that included binary…
I really enjoyed this room; it wasn’t too bad difficulty-wise. Although the room is a ‘medium’ room, it is very borderline medium/easy — but that’s just my own opinion :).
<pump_own_tires> May I add this is the first room that I’ve completed without finding another walkthrough on the web (at the…
In this room we will explore several concepts such as Local File Inclusion (LFI) through log file poisoning, and PrivEsc through Cronjobs and Path exploitation. I really enjoyed this box… but I had to complete it in two separate sessions as I was really hitting a brick wall trying to gain access at the LFI part. Turns out, I messed up too many things in the log file and none of my commands were taking anymore. Instead of just re-deploying the machine like I should have… I just kept pressing — hence the brick wall. …