Tag
This room is part of the TryHackMe’s Offensive Pentesting learning path, which is something a lot of people use when preparing for their OSCP exam. This was one of the first rooms and it involved attacking a web application exploiting a file upload functionality, bypassing file extension whitelisting, and exploiting a SUID binary to escalate privileges.
Read moreThis was an intermediate box that involved decoding a base64-encoded password to access a file upload page, through which a PHP reverse shell can be uploaded to gain an initial access. From there, a password has to be de-ciphered using ROT13 in order to obtain root access to the machine.
Read morePrivilege escalation is a crucial step in the penetration testing lifecycle, through this Checklist I intend to cover all the main vectors used in Linux privilege escalation, and some of my personal notes that I used in previous penetration tests.
Read more