Tryhackme “Tokyo Ghoul” Report, Extract data from files, LFI, Escaping Python Jail​

  • Post author:

Tryhackme Tokyo Ghoul Report, Extract data from files, LFI, Escaping Python Jail https://tryhackme.com/room/tokyoghoul666 SUMMARY This is a room with a Tokyo Ghoul theme.  No info about the Tokyo Ghoul series is required to complete the room, although the creator does mention there are spoilers for…

Continue Reading Tryhackme “Tokyo Ghoul” Report, Extract data from files, LFI, Escaping Python Jail​

Tryhackme “En-Pass” Report, Python Deserialization Privilege Escalation

  • Post author:

Tryhackme En-Pass Report https://tryhackme.com/room/enpassEn-pass is a medium difficulty room, created by @kiransauDirectory busting reveals four paths: a recursive path that contains a passphrase-protected private SSH key, an input form where the correct input will print a password, a 403 status page that can be bypassed…

Continue Reading Tryhackme “En-Pass” Report, Python Deserialization Privilege Escalation

Tryhackme “Sustah” Report, Bypass rate-limitations, doas.conf PrivEsc

  • Post author:

Sustah Introduction https://tryhackme.com/room/sustahA roulette-like number guessing game needs to be beat in order to obtain access to the CMS.Rate-limitation restrictions in the game prevent brute forcing techniques, but can be bypassed by specifying a couple request header fields.Exposed default admin credentials in Mara CMS allows…

Continue Reading Tryhackme “Sustah” Report, Bypass rate-limitations, doas.conf PrivEsc

End of content

No more pages to load