Introduction
This is my write-up for TryHackMe's The Marketplace Room.
Enumeration
Using nmap, I found that this box had 3 ports open.
Checking both ports 80 and 32768, we see the same website:
Looking at 1 item, I saw that there's a contact author and report to admins option.
Clicking on either link brought me to the login page.
Prior to signing up and logging in, I checked for robots.txt. I found that there's a "hidden" folder.
Checking this folder, I found that I needed to do something to access it.