TryHackMe Writeups
-
Yo, back with another write-up, I started with an Nmap scan which showed ports 80 and 22 open. Obviously, I ran an aggressive scan after that. It revealed another port, but that’s a spoiler, so we’ll get to it later 😉 Next, I performed directory enumeration. There wasn’t anything interesting at first, but I did…
-
Yo, back with another write-up. This one was very easy and took me around 25 minutes to complete, so let’s get started. I began with an Nmap scan, which showed that ports 22 (SSH) and 80 (HTTP) were open. Since a web service was running, the next logical step was enumeration. After that, I used…
-
Yo, Back with another writeup, before we gonna start, we will take a deep dive about RSA in very simple language, Alright, let’s turn this into a very simple story, zero scary math vibes 😄 RSA : The lock and the secret Imagine RSA is a special lock used to protect messages. To build this lock, we…
-
Yo everyone! Back with another write-up, Today we’re going to solve the w1seGuy room on TryHackMe. First, download the task files provided in the room and then start the machine source.py import randomimport socketserver import socket, osimport stringflag = open(‘flag.txt’,’r’).read().strip()def send_message(server, message): enc = message.encode() server.send(enc)def setup(server, key): flag = ‘THM{thisisafakeflag}’ xored = “” for i…
-
Yo, Back with another writeup! Today, we’ll try to complete the Unstable Twin room. We start with an Nmap scan: nmap -sS -sV <IP> The scan shows that ports 22 (SSH) and 80 (HTTP) are open. What is the build number of Vincent’s server? Answer: 1.3.4-dev To find this, you can use Burp Suite: To get…
-
Yo, Back with another writeup, This one is easy, but only if you automate it. You are given usernames.txt and passwords.txt, and you need to test all the combinations. Once you do that, you’ll be able to log in and retrieve the flag from the website. Manually testing a large number of usernames and passwords…
-
Yo, finally back with another TryHackMe writeup, I started with an Nmap scan, which showed ports 80 (HTTP) and 22 (SSH) open, indicating a web service and SSH access. After visiting the web page, I didn’t find anything interesting. I then checked the robots.txt file and noticed a disallowed path: User-agent: * Disallow: /zYdHuAKjP When…
-
Welcome back, folks! I’m finally back on TryHackMe, and this time I pwned an easy room called Magician. It was pretty straightforward for me, so let’s get started From the initial Nmap scan, we identified three open ports, each presenting a potential attack vector: web interface: After successfully logging into the FTP service, I was…
-
What does HTTP response code 302 mean? Found What’s an easy way for us to tell the difference between a failed and a successful login attempt in the above? Location Response Header Can we use Burp Suite to effectively brute force the login in this instance? (Yay/Nay) Nay What action can we use to show…
-
What is the default command line interpreter in the Windows environment? cmd.exe What is the OS version of the Windows VM? 10.0.20348.2655 What is the hostname of the Windows VM? WINSRV2022-CORE Which command can we use to look up the server’s physical address (MAC address)? ipconfig /all What is the name of the service listening…
