Tag

TryHackMe

CTF Walkthroughs, TryHackMe

TryHackMe – Alfred Walkthrough

Introduction

This was an easy Windows box that involved authenticating to Jenkins using common credentials, executing commands through the Groovy scripting language used in the script console to gain remote access and using token impersonation to escalate privileges to SYSTEM.

It also involved switching from a normal shell to a Meterpreter shell and migrating from a user level process to a SYSTEM level process.

Reviews, Training Labs

TryHackMe – Offensive Pentesting Learning Path Review

Introduction

Offensive Pentesting is one of the learning paths available on the TryHackMe platform. It is primarily designed for students preparing for the Offensive Security Certified Professional certification exam.

It contains both rooms that step the students through the various exploitation steps as well as rooms that aim to simulate a black box penetration test.

CTF Walkthroughs, TryHackMe

TryHackMe – Kenobi Walkthrough

Introduction

This was an easy Linux box that involved gaining initial access by exploiting a vulnerability in ProFTPD to copy a user’s SSH key to a world-readable directory, grabbing it using SMB and using it to authenticate via SSH, then exploiting a vulnerable SUID binary in conjunction with PATH environment variable manipulation to escalate to root.

CTF Walkthroughs, TryHackMe

TryHackMe – Vulnversity Walkthrough

Introduction

This room is part of TryHackMe’s Offensive Pentesting learning path, which a lot of people use when preparing for their OSCP exam. It was one of the first rooms and involved attacking a web application by exploiting its file upload functionality, bypassing file extension whitelisting, and exploiting a SUID binary to escalate privileges.
