TryHackMe Walkthroughs

March 10, 2022

TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!


Here you find Walkthroughs of rooms from TryHackMe with a bit of description of what that room is about. You can use Ctrl + F option to search for a specific room. 



Name Description
Vulnversity
  • File Upload Vulnerability
  • Privilege Escalation via systemctl
Kenobi
  • Samba Share Enumeration
  • ProFTPd Exploit
  • Privilege Escalation with Path Variable Manipulation
Blue
  • Eternal Blue (ms17-010)
  • Use of msfconsole
Basic Pentesting
  • enum4linux
  • SSH Password Cracking via Hydra
  • linPEAS
  • Cracking SSH Private Key via JohnTheRipper
Classic Passwd
  • Reverse Engineering using ltrace
JPGChat
  • Source Code Reading
  • Python Library Manipulation
Regular Expressions
  • Basics of RE
Crack the hash
  • Crack Station
  • Hash Analyzer
  • HashCat
  • JohnTheRipper
tomghost
  • AJP Exploit (CVE-2020-1938)
  • GPG Cracking via JohnTheRipper
Team
  • Source Code Reading
  • Virtual Host Routing
  • Subdomains Finder via WFUZZ
  • LFI
  • linPEAS
  • CronJobs
Mr. Robot CTF
  • GoBuster Scan
  • Web Login Dictionary Attack via BurpSuite
  • PHP Reverse Shell
  • SUID via Nmap
OhSINT
  • exiftool
Simple CTF
  • CMS Made Simple (CVE-2019-9053)
  • SQLi
Pickle Rick
  • Source Code Read
  • Command Injection Vulnerability
CTF collection Vol.1 ---
Badbyte
  • FTP Anonymous Login
  • SSH Password Cracking via JohnTheRipper
  • SSH Port Forwarding
  • WordPress Plugins Enumeration
  • WordPress File Manager RCE
Bounty Hacker
  • FTP Anonymous Login
  • SSH Password Cracking via Hydra
  • Privilege Escalation via tar
Metasploit ---
Lazy Admin
  • Recursive Directory Enumeration
  • MySQL Backup File Enumeration
  • Sweet Rice XSS Exploit
  • Privilege Escalation via adding bash to a file
Overpass
  • Source Code Reading
  • Broken Authentication Exploit via BurpSuite
  • SSH Private Key Cracking via JohnTheRipper
  • Privilege Escalation via CronJobs
  • Working with Host File
Anonymous
  • Samba Enumeration
  • FTP Anonymous Login
  • File Content Manipulation (CronJobs)
VulnNet: Node
  • NodeJS Express Framework Exploit via Cookies
  • File Content Manipulation
Anonforce
  • FTP Anonymous Login
  • GPG Password Cracking via JohnTheRipper
  • Password Cracking via HashCat
Thompson
  • Tomcat Error Page
  • WAR File Exploit
Ignite
  • Fuel CMS RCE (CVE-2018-16763)
  • Default Credentials
Startup
  • FTP Anonymous Login
  • Wireshark (Follow TCP Stream)
Brooklyn Nine Nine
  • FTP Anonymous Login
  • SSH Password Cracking via Hydra
  • Privilege Escalation via less
Hydra
  • Basic of Hydra
  • Crack Post Web Form
  • Crack SSH
Chocolate Factory
  • FTP Anonymous Login
  • Command Injection Vulnerability
  • Reverse Engineering
  • SUIDs

We hope this helps. If any suggestions or doubts you can add a comment and we will reply as soon as possible.

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)