CTF Notes, Security Insights, Practical Learning.
Description VulnNet Entertainment is a company that learns from its mistakes. They quickly realized that they can’t make a properly secured web application so they gave up on that idea. Instead, they decided to set up internal services for business purposes. As usual, you’re tasked to perform a penetration test of their network and report … Read more
Description Don’t over-baked your pie! https://tryhackme.com/room/unbakedpie Port scanning Nmap port scanning reveals that we have only one port open: 5003 Main website On the main website, we can see some cooking recipes. Photo of pickles is a tip 🙂 Cookie When we are using the search form, we can see that the phrase we are … Read more
Description https://tryhackme.com/room/nappingis1337 Even Admins can fall asleep on the jobTo hack into this machine, you must look at the source and focus on the target. Port scanning nmap -p- -sT -Pn -T5 –max-retries 2 10.82.148.107 Scan reveals open port 80 and 22 Main website The main website contains a login form and registration link.I created … Read more
Description Everything here is plotted! https://tryhackme.com/room/plottedtms Happy Hunting! Tip: Enumeration is key! Port scanning nmap -p- -sS -T4 -A 10.81.183.25 Main website Both sites – the one on port 80 and another one on 445 are presenting the default Apache Page. Directories enumeration feroxbuster -u http://10.81.183.25:80 -w /usr/share/wordlists/seclists/Discovery/Web-Content/big.txt feroxbuster -u http://10.81.183.25:445 -w /usr/share/wordlists/seclists/Discovery/Web-Content/big.txt The most … Read more
Description https://tryhackme.com/room/lightroom Welcome to the Light database application! I am working on a database application called Light! Would you like to try it out?If so, the application is running on port 1337. You can connect to it using nc MACHINE_IP 1337You can use the username smokey in order to get started. Solution There is an … Read more
Description https://tryhackme.com/room/dreaming Solve the riddle that dreams have woven.While the king of dreams was imprisoned, his home fell into ruins.Can you help Sandman restore his kingdom? Port scanning -Pn forces a full TCP scan even when the host blocks ICMP ping – many hardened labs drop ping packets. nmap -A -p- -T5 -Pn 10.81.188.191 Web … Read more
Description Difficulty: Easyhttps://tryhackme.com/room/vulnnetnode After the previous breach, VulnNet Entertainment states it won’t happen again. Can you prove they’re wrong? VulnNet Entertainment has moved its infrastructure and now they’re confident that no breach will happen again. You’re tasked to prove otherwise and penetrate their network. Web Language: JavaScriptThis is again an attempt to recreate some more … Read more
Description Server trouble in Bedrock. https://tryhackme.com/room/b3dr0ck Fred Flintstone & Barney Rubble! Barney is setting up the ABC webserver, and trying to use TLS certs to secure connections, but he’s having trouble. Here’s what we know… He was able to establish nginx on port 80, redirecting to a custom TLS webserver on port 4040There is a … Read more
Description Boot-to-root originally designed for Securi-Tay 2020https://tryhackme.com/room/jackofalltradesJack is a man of a great many talents. The zoo has employed him to capture the penguins due to his years of penguin-wrangling experience, but all is not as it seems… We must stop him! Can you see through his facade of a forgetful old toymaker and bring … Read more
Description https://tryhackme.com/room/farewell Use red-teaming techniques to bypass the WAF and obtain admin access to the web application. The farewell server will be decommissioned in less than 24 hours. Everyone is asked to leave one last message, but the admin panel holds all submissions. Can you sneak into the admin area and read every farewell message … Read more