Avengers Blog Tryhackme Writeup
Link to the Tryhackme room:https://tryhackme.com/room/avengers
This is a fairly easy room.
So Let’s dive right in to answering all the questions.
Task 2:Cookies
You can view the cookies by right clicking on the page and going to inspect element and then in storage.
Task3:HTTP Headers
For this , we have to again right click on the page and going to inspect element and then in network you will find the answer (See the image below ).
Task4:Enumeration and FTP
First of all , we will do a port scan using nmap.
Command: nmap -A -T4 <IP Of The Machine>
A : is for aggressive scan ( does os and version detection)
T4: is for speed ( T1-T5 is the range)
3 Ports were open:
- FTP(port 21)
- SSH(port 22)
- HTTP(port 80)
We have been given username and password for ftp share ( username :groot and password :iamgroot)
Command: Ftp <IP of the machine>
Then it will ask for user and pass and then we see a files folder there and cd into that we see flag3.txt and download it on your machine using get command.(See the image below).
Task5: GoBuster
Directory bruteforcing using gobuster.
Command: gobuster dir -u HTTP://IP/ -w /path_to_the_wordlist/wordlist.txt .
You will find the name of directory.
Task6:SQL Injection
Going to the directory , we see a login page and it has sqli vulnerability.
Paste this in username and password:’ or 1=1 —
This is a SQL query which says either username or 1=1 which will always be true .
The answer for how many lines of code are there on the avengers site.
Task7: Remote Code Execution and Linux
We see that we can execute some commands on the page but we can’t use cat to view to the flag5.txt
I viewed the hint for this (What Linux command can read a file content in reverse?).
I searched on google and found that tac is the command that can display the content in reverse .
Command: cd ../; tacflag5.txt
So I have answered all the questions here and thankyou for reading my writeup and have a nice day.
