write-up/penetration test

*https://tryhackme.com/r/room/jokerctf HA Joker CTFBatman hits Joker.tryhackme.com1.Port Scan Enumeration - Reconnaissance&Scanning$ sudo nmap -n -sS -sV -O -Pn -p- --min-rate=10000 joker.thmHost is up (0.19s latency).Not shown: 63848 closed tcp ports (reset), 1684 filtered tcp ports (no-response)PORT STATE SERVICE VERSION22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; ..

*https://tryhackme.com/r/room/cheesectfv10 Cheese CTFInspired by the great cheese talk of THM!tryhackme.com1.Port Scan Enumeration - Reconnaissance&Scanning$ sudo nmap -sS -p- -n -Pn --min-rate=10000 cheese.thm Warning: 10.10.117.1 giving up on port because retransmission cap hit (10).Nmap scan report for cheese.thm (10.10.117.1)Host is up (0.27s latency).Not shown: 36 filtered tcp ports (no-res..

*https://tryhackme.com/r/room/pyrat PyratTest your enumeration skills on this boot-to-root machine.tryhackme.com Pyrat receives a curious response from an HTTP server, which leads to a potential Python code execution vulnerability. With a cleverly crafted payload, it is possible to gain a shell on the machine. Delving into the directories, the author uncovers a well-known folder that provides a ..

*https://tryhackme.com/r/room/wekorra WekorCTF challenge involving Sqli , WordPress , vhost enumeration and recognizing internal services ;)tryhackme.com -Sqlinjection, Subdomain 유출, Reverse shell, 취약한 서비스, 잘못된 경로 설정-생각보다도 과정이 많아서 힘들었던 문제였습니다. 특히 SQL Injection 포인트를 찾고 Reverse shell 을 연결하는 과정까지가 굉장히 세부과정이 많아서 그냥 sqlmap 쓸까 싶었던 순간이 많았었네요.1.Port Scan Enumeration - Reconnaissance&Scanning$ sudo rusts..

*https://tryhackme.com/r/room/yueiua U.A. High SchoolWelcome to the web application of U.A., the Superhero Academy.tryhackme.com[1]ReconnaissancePort Scan Enumeration$ sudo rustscan -r 1-65535 -a uahigh.thm -- -sV -O.----. .-. .-. .----..---. .----. .---. .--. .-. .-.| {} }| { } |{ {__ {_ _}{ {__ / ___} / {} \ | `| || .-. \| {_} |.-._} } | | .-._} }\ }/ /\ \| |\ |`-' `-'`-----..

[1]Reconnaissance-psychobreak 문제에서 영감을 받아 만든 Tokyo ghoul 애니메이션 배경의 워 게임이라고 합니다.-문제엔 질문이 많은데, 과정에서 다 풀 수 있는 질문입니다. nmap resultssudo nmap -sS -p- --min-rate=10000 {ip_address}-21번(ftp)과 22(ssh)번, 80(http)번이 열러 있습니다.sudo nmap -sS -sV -O {ip_address}-21번 ftp는 vsftpd 3.0.3, 22번 ssh는 OpenSSH 7.2p2 Ubuntu, 80번 http는 Apache httpd 2.4.18 Ubuntu 입니다. page Analysis-index.html 에는 줄거리가 적혀있고, Can you help him..