Hey! 👋

Here’s my writeup for VulnNet: Node, an easy room on TryHackMe.

Enjoy!

tl;dr
This is a very simple and easy room, which was a lot of fun.
We start by finding a web server that runs on port 8080. It is Node.js and uses the Express framework.
We see that it assigns us a session cookie. Knowing about deserialization attacks, we find out that it is vulnerable.
We exploit this vulnerability to get a shell on the box.
On the box, we can execute npm commands as the serv-manage user. With a quick look at GTFOBins, we have our user flag!
For…


Hey! 👋

Here’s my writeup for Agent Sudo, an easy room on TryHackMe.

Enjoy!

Enumeration

Enumerate the machine and get all the important information.

Let’s start off by running a simple nmap scan:

nmap -p- -A -T4 10.10.1.238


Hey! 👋

Here’s my writeup for Bounty Hacker, an easy room on TryHackMe.

Enjoy!

First of all, we’re running a simple nmap scan:

nmap -p- -A -T4 10.10.16.17
