Wgel CTF WriteUp [TryHackMe]

fig: result of nmap
fig: Normal Apache2 Debian Default Page
fig: Apache2 Default Page of the given lab’s website
fig : inspecting the apache2 default page of target machine
fig : gobuster for http://ip
fig: gobuster for http://ip/sitemap
fig: ssh to the target machine
fig: user flag
fig: checking the user privelege
fig: listening to port 9090 usng netcat
fig: Getting the content of /etc/passwd of target machine to our local machine
fig : changing ‘x’ to magic password
fig : Running HTTP server in port 8080
fig: Downloading passwd from HTTP hosted in local machine and replace /etc/passwd by downloadd passwd
fig: Getting root privilege and getting root flag

--

--

--

Data Engineer, Cybersecurity enthusiast , PLSQL, Data Analyst

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

AMA recap: Crypto Piece-verse 2022

The internet has changed our conception of privacy: and here’s why.

What Did We Learn from the MonoX Hack

What Did We Learn from the MonoX Hack

MilkyWay

Important Announcement — Token Swap

Face Recognition | Your private Information may be being peeped

Vulnhub: FristiLeaks Part 1

Today we will walk through the firstileaks VM from VULNHUB

5 Common Types of SPAM & How You Can Protect Yourself Against Them

Types_of_SPAM_and_how_to_protect_your_site_from_them-1024x512.jpg

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
aayush malla

aayush malla

Data Engineer, Cybersecurity enthusiast , PLSQL, Data Analyst

More from Medium

TryHackMe | Linux Forensics

TryHackMe : Wgel CTF Write-up

OSCP-Like Boxes — Legacy Write-Up

Tryhackme Archangel Writeup