Hi,
This is write up for THM Avengers room on TryHackMe
Task 2 Cookies
Open the Browser and open dev tools and check storage and check the value for the cookie,Task 3 HTTP Headers
Task 4 Enumeration and FTP
nmap -sv VM_IP
we can see that ftp is opened
Open cli and enter ftp vm_ip log to the ftp service with provided username and password.
- You then try to list the files and directories with dir or ls command
- move to directory with cd dir_name
- list files in dir_name
- use command get file_name to download the file
- on your attackbox open the file and you get flag3
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
drwxr-xr-x 2 1001 1001 4096 Oct 04 2019 files
226 Directory send OK.
ftp> cd files
250 Directory successfully changed.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-r--r-- 1 0 0 33 Oct 04 2019 flag3.txt
226 Directory send OK.
ftp> get flag3.txt
local: flag3.txt remote: flag3.txt
Task 5 GoBuster
- For this task I ran following gobuster command to find the answer for this task:
gobuster dir -t 40 -u VM_IP -w /usr/share/wordlists/dirbuster/directory-list-2.3-small.txt
Task 6 SQL Injection
Make sure you enter the same payload for username and password
username :- ' or 1=1 -- -
password :- ' or 1=1 -- -
Task 7 Remote Code Execution and Linux
With this command we get the flag in reverse order so we need to copy it to attackbox command and reverese it again
echo "reversed_flag_string" | rev
No comments:
Post a Comment