I Like To Break Stuff: 2020

TryHackMe write-up: Startup

Introduction

This is my write-up for TryHackMe's Startup Room

Enumeration

Using nmap, I found that this box had 3 ports open.

The webpage looked like it was still under development.

I then ran gobuster and found a hidden folder.

Looking at the files directory, I saw the following:

Going back to the ftp service, I tried logging in via anonymous user.

Introduction

This is my write-up for TryHackMe's Brute It Room.

Enumeration

Using nmap, I found that this box had 2 ports open.

Checking port 80, I see the default Apache web page.

I then used gobuster to search for any folders.

The new folder leads to a login page.

Introduction

This is my write-up for TryHackMe's The Marketplace Room.

Enumeration

Using nmap, I found that this box had 3 ports open.

Checking both ports 80 and 32768, we see the same website:

Looking at 1 item, I saw that there's a contact author and report to admins option.

Clicking on either link brought me to the login page.

It's a good thing I can also sign up to this site:

Prior to signing up and logging in, I checked for robots.txt. I found that there's a "hidden" folder.

Checking this folder, I found that I needed to do something to access it.

Introduction

This is my write-up for TryHackMe's Revenge Room. As can be seen in the note, this room is actually a continuation of another room Blog. The write-up for that is found in TryHackMe write-up: Blog

After hacking Billy's website, he tracks us down and sends us the following note.

Enumeration

Using nmap, I saw that this box has 2 ports open.

Checking port 80, we see that it is hosting the company's website:

I wanted to check the products page so I checked the first product they were selling.

Funny though is that the product id is listed as part of the URL. In this case, it is http://10.10.151.163/products/1. I then checked what would happen if I typed in a non-existent product id, say 999:

Introduction

This is my write-up for TryHackMe's Res Room.

Enumeration

Using nmap, I saw that this box 2 ports open.

Checking port 80, I found that it is running Apache.

Introduction

This is my write-up for TryHackMe's Poster Room

Enumeration

Using nmap, I saw that this box has several ports open.

Introduction

This is my write-up for TryHackMe's Jacob The Boss Room

Enumeration

Using nmap, I saw that this box has several ports open.

Checking port 80 using my browser, I saw what looked to be a blog using Dotclear.

And checking port 8080, it turns out the target is also running JBoss.

Introduction

This is my write-up for TryHackMe's RootMe Room.

Enumeration

Using nmap, I saw that this box has ports 22, and 80 open.

I saw the following when I checked the webpage with my browser.

Running gobuster, I found a few directories:

Looking at the /panel directory, I see a file upload page.

Introduction

This is my write-up for TryHackMe's Bolt Room

Enumeration

Using nmap, I saw that this box has ports 22, 80, and 8000 open.

Checking port 80 using my web browser, I find that it is running Apache2.

Checking port 8000 on my browser, I find that it is running Bolt CMS.

Introduction

This is my write-up for TryHackMe's Tartarus Room.

Enumeration

Using nmap, I saw that this box is running FTP, SSH and HTTP.

Checking the FTP, I found that there were some "hidden" directories. Those directories named "..." would have been hidden if one simply checked using the "ls" command.