📓
Pentesting
  • Writeups
  • HackTheBox
    • Easy Machines
      • Beep Writeup
      • Shocker Writeup
      • Lame Writeup
      • Jerry Writeup
      • Legacy Writeup
      • Blue Writeup
  • TryHackMe
    • Walkthroughs: Easy
      • CC: Steganography
      • Cryptography for Dummies
      • Cross-site Scripting
      • SQL Injection Lab
      • SQL Injection
      • ZTH: Web 2
      • SSRF
      • XXE
      • Authenticate
      • Injection
      • Blaster
      • The Cod Caper
      • Hardening Basics Part 1
      • What the Shell?
      • Game Zone
      • Upload Vulnerabilities
      • Bolt
      • Erit Securus 1
      • CC: Pentesting
      • JavaScript Basics
      • OverPass 2 - Hacked
      • Linux: Local Enumeration
      • Ice
      • Linux Backdoors
      • Avengers Blog
      • DNS in Detail
      • Putting it all together
      • Kenobi
      • Common Linux Privesc
      • Network Services 2
      • Network Services
      • The Hacker Methodology
      • The Find command
      • HTTP in Detail
      • Web Fundamentals
      • How Websites Work
      • Introductory Networking
    • Challenges (CTF): Easy
      • VulNet: Roasted
      • VulNet: Internal
      • Git Happens
      • Kiba
      • VulNet: Node
      • Memory Forensics
      • Smag Grotto
      • Investigating Windows
      • Cat Pictures
      • Juicy Details
      • Anthem
      • Tony The Tiger
      • Jack-of-All-Trades
      • JPGChat
      • Blueprint
      • All in One
      • Gotta Catch'em All
      • Mustacchio
      • Break Out The Cage
      • HeartBleed
      • Poster
      • Madness
      • Source
      • Thompson
      • Library
      • Magician
      • Anonforce
      • Dav
      • GLITCH
      • Fowsniff CTF
      • Team
      • H4cked
      • Easy Peasy
      • ColddBox: Easy
      • Archangel
      • Cyborg
      • Chocolate Factory
      • Brute It
      • Year of the Rabbit
      • ChillHack
      • Gaming Server
      • Brooklyn Nine Nine
      • Wgel CTF
      • Tomghost
      • ToolsRus
      • Skynet
      • Startup
      • Agent Sudo
      • Lian-Yu
      • OhSINT
      • Overpass
      • Crack The Hash
      • Ignite
      • Inclusion
      • Bounty Hunter
      • LazyAdmin
      • RootMe
      • Pickle Rick
      • Basic Pentesting
      • Simple CTF
  • Crackmes.one
    • 1 Difficulty Rating
      • easyAF
      • Easy Keyg3nme
Powered by GitBook
On this page
  • Cookies
  • HTTP Headers
  • Enumeration and FTP
  • Gobuster
  • SQL Injection
  • Remote Code Execution and Linux

Was this helpful?

  1. TryHackMe
  2. Walkthroughs: Easy

Avengers Blog

PreviousLinux BackdoorsNextDNS in Detail

Last updated 3 years ago

Was this helpful?

Cookies

Lets visit the webpage

Lets look at the Cookies (Ctrl + Shift + i) in the Storage tab'

We have the flag

HTTP Headers

Lets go to the Network tab and hit reload and select the option to only look at HTTP requests

We have the second flag

Enumeration and FTP

Lets run a nmap scan to find open ports and then login into FTP with the given credentials.

Lets look at the files on the FTP server,

We have a directory and the flag in the directory, so transfer the file onto our machine and read the file to get the third flag.

Gobuster

Lets run gobuster to find hidden files and directories

The /portal has a login page, so that the answer for this task

SQL Injection

Lets capture the request using Burp and send it to repeater

Now lets use SQL Injection to login as admin

Its says found, now lets send it as a real request in the proxy tab.

We are logged in. Looking at the source code, there are 223 lines being used, so that is the answer to the question in this task.

Remote Code Execution and Linux

We cannot read the file with the cat command, so lets use the tac command