-
TryHackMe: IDOR
Insecure Direct Object References are what we are trying next, and these are the things that I actually have tried myself before when I was a kid and idly spending time on the net. When you see your customer number up in the URL and you try changing it and reloading it to see if…
-
TryHackMe: Learning Path Update
So I nearly completed the Complete Beginner Pathway on TryHackMe, but as I was asking for help with a Metasploit task on the THM Discord server (I hadn’t set the LHOST correctly, and I needed to set it to listen to my OpenVPN IP), I came across a message from one of the Discord members…
-
TryHackMe: John the Ripper
This was a fun room to complete focussing on the password cracking tool John the Ripper. Definitely one of my favourite ones so far, getting password hashes and running them through the cracker in order to find out what the password was. Most of the activities in this one were just following the instructions and…
-
TryHackMe: Pickle Rick CTF
So this was the first major CTF challenge in the learning path so far and I think it really shows I have a long way to go! I admit I had to watch the walkthrough for this one. I was trying to remember all of the things I had done before and failed miserably. I…
-
TryHackMe: Upload Vulnerabilities
What a crazy time I had in this room. It talks about vulnerabilities in upload forms that websites may use to allow users to upload files and things to the website. The first couple of tasks were rather easy – using the same file name to overwrite files already on the server. ie. Finding a…