TryHackMe – A Cyber Journey

Blueprint – TryHackMe

Started off with my usual nmap scan: Looks like a windows server. I went ahead and ran a basic gobuster scan against both 80 and 8080. Nothing doing at port 80 but there was something interesting at 8080: The catalog itself led to a messed up default page for this oscommerce app, so with the…

Captain Nemo

January 20, 2022

TryHackMe

mimikatz, OSCommerce, RCE, Web App

RazorBlack – TryHackMe

This was a pretty neat little box for learning a little about AD exploits. Note that I had to reset it several times as the network kept timing out, especially when interacting over Evil-WinRM, which is why the IP changes so many times. I started out with my typical nmap scan: That’s a lot of…

Captain Nemo

December 15, 2021

TryHackMe, Uncategorized

LFI – TryHackMe

Link to the THM room I ignored scanning on this machine because I knew we were in the LFI room. If the IP had not returned a valid site though, I would have run a scan to determine the port where the web server was running. Once the IP was up, I checked out the…

Captain Nemo

September 16, 2021

TryHackMe

Directory Traversal, LFI, Privilege Escalation

Category: TryHackMe

Blueprint – TryHackMe

RazorBlack – TryHackMe

LFI – TryHackMe