TryHackMe - Backtrack
Backtrack from TryHackMe revolves around ../, from LFI to file upload down to a wildcard exploit. Nothing else to say besides that it’s a wonderful box where you will learn new things. Enumer...
Weasel from TryHackMe has a beautiful mix of Linux and Windows. We start by finding a Jupyter token on an SMB share, allowing us to log in and get a reverse shell on a WSL Linux machine. On ...
CyberLens from TryHackMe is an easy box running software on a non-standard port that is vulnerable to RCE, giving us a foothold. After that we run the exploit suggester in Metasploit and use the...
Pyrat from TryHackMe involves exploiting a Python script running on the machine to get both a foothold and privilege escalation, but the last part requires us to write a script to brute force a...
Description: Mkingdom from TryHackMe is running a web server with a CMS that allows file upload; we exploit that to get a foothold. On the machine we find credentials in the config file giving...
Publisher from TryHackMe has a website vulnerable to RCE, giving us a foothold. After that we bypass AppArmor restrictions so we can exploit an SUID binary to get root. Enumeration nmap We st...
CheeseCTF from TryHackMe has a login page on a website vulnerable to SQLi, allowing us to bypass the login and access the dashboard. After that we find an LFI, which we exploit to get a foothol...
Boardlight from HackTheBox is running a website vulnerable to code injection, giving us a foothold. We find a password inside a config file, which we use to elevate our privileges. Then we find ...
Mailing from HackTheBox is a Windows box running hMailServer and an IIS web server. The website is vulnerable to file read, allowing us to read the password of hMailServer. After that we use an...
Description: Usage from HackTheBox is running a website vulnerable to an SQL injection, allowing us to dump the database and get a password hash. We crack it and log in to an admin page runnin...