This post is protected.
write-up

*https://tryhackme.com/r/room/bookstoreoc Bookstore: A Beginner level box with basic web enumeration and REST API Fuzzing. tryhackme.com 1. Port Scan Enumeration - Reconnaissance & Scanning $ sudo nmap -n -sS -sV -O -Pn -p- --min-rate=10000 bookstore.thm Host is up (0.26s latency). Not shown: 65532 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3..

*https://tryhackme.com/r/room/jokerctf HA Joker CTF: Batman hits Joker. tryhackme.com 1. Port Scan Enumeration - Reconnaissance & Scanning $ sudo nmap -n -sS -sV -O -Pn -p- --min-rate=10000 joker.thm Host is up (0.19s latency). Not shown: 63848 closed tcp ports (reset), 1684 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; ..
This post is protected.

*https://tryhackme.com/r/room/rabbitholeqq Rabbit Hole: It's easy to fall into rabbit holes. tryhackme.com - Information extraction using Second Order SQL Injection - Eavesdropping on process activity via SQL Injection - SSH access to the server with the extracted information, system takeover 1. Port Scan Enumeration - Reconnaissance & Scanning $ sudo nmap -n -sS -sV -O -Pn -p- --min-rate=10000 rabbithole.thm Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-12-03 21:07 KST Warning: 10.10.75.76 ..

*https://tryhackme.com/r/room/cheesectfv10 Cheese CTF: Inspired by the great cheese talk of THM! tryhackme.com 1. Port Scan Enumeration - Reconnaissance & Scanning $ sudo nmap -sS -p- -n -Pn --min-rate=10000 cheese.thm Warning: 10.10.117.1 giving up on port because retransmission cap hit (10). Nmap scan report for cheese.thm (10.10.117.1) Host is up (0.27s latency). Not shown: 36 filtered tcp ports (no-res..

*https://tryhackme.com/r/room/pyrat Pyrat: Test your enumeration skills on this boot-to-root machine. tryhackme.com Pyrat receives a curious response from an HTTP server, which leads to a potential Python code execution vulnerability. With a cleverly crafted payload, it is possible to gain a shell on the machine. Delving into the directories, the author uncovers a well-known folder that provides a ..

*https://tryhackme.com/r/room/wekorra Wekor: CTF challenge involving Sqli, WordPress, vhost enumeration and recognizing internal services ;) tryhackme.com - SQL injection, subdomain leak, reverse shell, vulnerable service, misconfigured path - This challenge was harder than I expected because it had so many steps. In particular, getting from finding the SQL Injection point to connecting the reverse shell involved so many sub-steps that there were many moments when I thought about just using sqlmap. 1. Port Scan Enumeration - Reconnaissance & Scanning $ sudo rusts..