type
status
date
slug
summary
tags
category
icon
password
Catagory
Materials
Retired
Retired
Due date
Jan 16, 2024 05:30 AM
Status
Belong in
Progress
Reconnaissance
Scan the box; how many ports are open?
6
What version of the squid proxy is running on the machine?
3.5.12
How many ports will Nmap scan if the flag -p-400 was used?
400
What is the most likely operating system this machine is running?
Ubuntu
What port is the web server running on?
3333
What is the flag for enabling verbose mode using Nmap?
-v
Locating directories using gobuster
Compromise the Web server
What common file type you'd want to upload to exploit the server is blocked? Try a couple to find out.
.php
Run this attack, what extension is allowed?
fuzz the extensions
User flag
prepare the webshell & upload
Privilege Escalation
On the system, search for all SUID files. Which file stands out?
/bin/systemctl
Root Flag
a58ff8579f0a9270368d33a9966c7fd5
Reference
- 作者:ji3g4gp
- 連結:https://gpblog.vercel.app//article/Try-Hack-Me-Vulnversity
- 著作權:本文採用 CC BY-NC-SA 4.0 許可協議,轉載請註明出處。