TryPwnMe One was a room dedicated to binary exploitation (pwn), featuring seven challenges related to this subject.

Hammer started with discovering a log file on the web application with fuzzing and an email address inside. With a valid email address in hand, we were able to request a password reset for the user. After bypassing the rate limit to be able to brute-force the password recovery code, we were successful in resetting the password for the user and accessing the dashboard. After gaining access to the dashboard, we used forged JWTs to escalate our role from user to admin to be able to run commands and completed the room.

Introduction Detailed walkthroughs for U.A. High School CTF challenges on TryHackMe . Summary This CTF challenge required participants to identify and exploit a hidden OS command injection vulnerability in the U.A. Superhero Academy’s website. Successful exploitation led to gaining root privileges on the system. Vulnerability The website contains a hidden functionality that allows for the execution of shell commands. This vulnerability can be exploited to gain unauthorized access to the system.

Intro Nessus is a proprietary vulnerability scanner developed by Tenable, Inc. This blog is about the installation of Nessus Essentials on Linux. Installation Register First lets register in Tenable Nessus Essentials to get the activation code. Tenable Nessus Essentials Enter your information in the register form shown above, click Get Started. Download Nessus Mail with Activation Code We should have received a mail with Activation Code. Note down the activation code and click the Download Nessus for the downloading page.

Introduction Detailed walkthroughs for Airplane CTF challenges on TryHackMe . Tools Used rustscan, ffuf, nessus, curl, nc, gdb, ssh-keygen, ssh Enumeration Lets start the process by mapping host-name to target IP address. sudo echo "10.10.249.133 airplane.thm" >> /etc/hosts Rustscan Let’s start enumaration process using rustscan portscanner. $ rustscan -a airplane.thm – -sC -sV Open 10.10.249.133:22 Open 10.10.249.133:6048 Open 10.10.249.133:8000 [~] Starting Script(s) [>] Running script "nmap -vvv -p {{port}} {{ip}} -sC -sV" on ip 10.

Introduction Detailed walkthrough for New York Flankees CTF challenges on TryHackMe . Tools Used rustscan, burpsuite Enumeration Lets start the process by mapping host-name to target IP address. sudo echo "10.10.140.44 nythm.com" >> /etc/hosts Let’s start enumaration process using rustscan portscanner. rustscan -a nythm.com – -sC -sV .—-. .-. .-. .—-..—. .—-. .—. .–. .-. .-. | {} }| { } |{ {__ {_ }{ {_ / ___} / {} | `| | | .

Introduction Detailed walkthrough for CyberLens CTF challenges on TryHackMe . Tools Used rustscan, ping, burpsuite, nc, metasploit, msfvenom. Enumeration Lets start the process by mapping host-name to target IP address. mapping cyberlens.thm to the target IP address When any user or application on the system tries to access cyberlens.thm, it will be directed to the IP address specified in the /etc/hosts file. Lets use rustscan for port scanning the target domain.