Tag: lfi
-
VulnNet | TryHackMe
Initial nmap results, let’s head to the web server… In one of the Javascript files we find reference to http://broadcast.vulnnet.net so let’s add that to /etc/passwd and see what’s there. We get thwacked with a basic authentication screen and it doesn’t seem so easy to bypass. Will return to the web server and see what […]
-
Watcher | TryHackMe
A boot2root Linux machine utilising web exploits along with some common privilege escalation techniques. Medium difficulty. Starting with an nmap scan we see open FTP, SSH and HTTP. FTP doesn’t accept anonymous logins so on to poke at the web server. I like feroxbuster and initially the /dirb/common.txt wordlist for a quick overview of hidden […]