TryHackMe Writeups
-
http://<machine-ip>/login.html Now we got string which uses a ReverseString Function so Let’s try to Reverse it Ans: flag{edb0be532c540b1a150c3a7e85d2466e}Thanks for reading it twin 😀
-
Learning Objectives Throughout this room, you will gain a comprehensive understanding of the following key concepts: {Task 1} 1)I am ready to start the room. Ans: No answer needed {Task 2} 2)What measures the amount of randomness or unpredictability in a system? Ans: entropy 3)Is it a good practice to keep the same seed value…
-
A guided room taking you through infiltrating and exploiting a Linux system. {Task 1} {Task 2} Host Enumeration 2.1 How many ports are open on the target machine? sudo nmap -sC -sV ‘machine-ip’ Ans: 2 2.2 What is the http-title of the web server? Ans: Apache2 Ubuntu Default Page: It works 2.3 What version is…
-
{Task 1} Introduction In this room, we will examine application security (AppSec) and incident response (IR). More specifically, we will learn how shifts in threat landscapes, software architecture, and attacker behaviour have made AppSec IR, an intersection of these two practices, increasingly relevant and teach the basics of this hybrid function. Learning Prerequisites While this room has…
-
{task 1}Introduction Malware refers to software or code created to damage systems, steal information, or allow unauthorised access. It appears in many forms, each with different tactics and goals. Malware can affect businesses in many ways, from financial loss and stolen data to disrupted services and reputational damage. Knowing how malware works is one of…
-
Recap Before diving in, let’s quickly recap the concepts we’ll explore in this room: Sessions and tokens. Authentication & Authorisation Authentication is the process of verifying your identity (are you J. Doe?). In contrast, authorisation determines what actions an identity can perform in a given resource (what can J. Doe do?). Sessions When you authenticate…
-
To view this room: https://tryhackme.com/room/linuxfundamentalspart1To view the Gitbook for this, view it here. Topics: Introduction Note: to actually become familiar with Linux, you need to be using it daily. Make sure you have it installed (whether that be as your host system, a dual reboot, or on a virtual machine). For pentesting, most people prefer to use Kali. The…
-
{Task 1}What is Penetration Testing? Before teaching you the technical hands-on aspects of ethical hacking, you’ll need to understand more about what a penetration tester’s job responsibilities are and what processes are followed in performing pentests (finding vulnerabilities in a clients application or system). The importance and relevancy of cybersecurity are ever-increasing and can be…
-
{Task 12} NSE Scripts Searching for Scripts Ok, so we know how to use the scripts in Nmap, but we don’t yet know how to find these scripts. We have two options for this, which should ideally be used in conjunction with each other. The first is the page on the Nmap website (mentioned in the previous task) which contains a list of…
-
{Task 1} DeployStart Machine Press the green button to deploy the machine! Please Note: This machine is for scanning purposes only. You do not need to log into it, or exploit any vulnerabilities to gain access. If you are using the TryHackMe AttackBox then you will need to deploy this separately. Click the Start AttackBox button on the…
