Wgel CTF WriteUp [TryHackMe]

fig: result of nmap
fig: Normal Apache2 Debian Default Page
fig: Apache2 Default Page of the given lab’s website
fig : inspecting the apache2 default page of target machine
fig : gobuster for http://ip
fig: gobuster for http://ip/sitemap
fig: ssh to the target machine
fig: user flag
fig: checking the user privelege
fig: listening to port 9090 usng netcat
fig: Getting the content of /etc/passwd of target machine to our local machine
fig : changing ‘x’ to magic password
fig : Running HTTP server in port 8080
fig: Downloading passwd from HTTP hosted in local machine and replace /etc/passwd by downloadd passwd
fig: Getting root privilege and getting root flag



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
aayush malla

aayush malla

Data Engineer, Cybersecurity enthusiast , PLSQL, Data Analyst