A detailed writeup on the TryHackMe Archangel room. This walkthrough covers exploiting a Local File Inclusion (LFI) vulnerability to gain initial access through Apache log poisoning, and escalating privileges to root via a cronjob and PATH hijacking.
A step-by-step guide to completing the TryHackMe GamingServer room. This walkthrough covers reconnaissance, gaining initial access, and escalating privileges using the LXD vulnerability.
A step-by-step guide to solving the b3dr0ck room on TryHackMe.
This article provides a detailed walkthrough for the 'Year of the Rabbit' room on TryHackMe. We'll start by uncovering hidden web pages and using BurpSuite to intercept traffic, leading us to credentials hidden within an image. From there, we'll gain initial access via FTP and finally escalate our privileges to root by exploiting a specific sudo vulnerability.
A full writeup for the TryHackMe Fowsniff CTF. Learn how to go from leaked credentials to root access by cracking MD5 hashes, pivoting from POP3 to SSH, and exploiting a writable MOTD script.
A comprehensive walkthrough of the TryHackMe Anthem room. This guide covers reconnaissance via robots.txt, gaining initial access to the Umbraco CMS, connecting via RDP, and escalating privileges on Windows by manipulating file permissions to reveal the administrator password.
A step-by-step walkthrough for the TryHackMe 'Lian Yu' room. This guide covers initial access by discovering hidden directories, decoding a Base58 password for FTP access, and using steganography to find SSH credentials. Privilege escalation is achieved by exploiting sudo rights on pkexec.
A step-by-step walkthrough for the TryHackMe 'Mustacchio' room. This guide covers initial access via XXE injection and privilege escalation to root by exploiting a SUID binary with a PATH hijacking vulnerability.
A step-by-step walkthrough for the TryHackMe 'Chill Hack' room. This guide covers the entire process from initial reconnaissance and exploiting a command injection vulnerability to escalating privileges to root.
A step-by-step walkthrough for the TryHackMe Wgel CTF room. This guide shows how to gain initial access via an exposed SSH key and escalate privileges to root by exploiting a wget sudo misconfiguration.
