Make connection with VPN or use the attackbox on Tryhackme site to connect to the Tryhackme lab environment
TASK Avengers Blog
Boot up the attached machine and navigate with firefox to http://<MACHINE_IP>
Once the site is loaded press F12 Then storage and under cookies you will see the flag1 cookie
3.1 Look at the HTTP response headers and obtain flag 2.
In the develops console open network and press F5 to reload the page. Click on the first that is loaded and then press headers. You will see the flag2 in the header
You can do this with Burp intercept as well.
Open Burpsuite and turn on intercept ( look here to configure Configure Burpsuite with Firefox )
Once forward the request and look in the history
Before forwarding the request you can also look at the response by
In the next page you will find the response header. This does not always work very well.
4.1 Look around the FTP share and read flag 3!
Scan the machine with nmpa using the following command
nmap -sV -sC -T4 <Machine_IP>
With this scan you have more information
Connect with the ftp by typing
ftp <machine_ip> 21
Login with the credentials given in the task
Once connected type in
We se one directory. navigating in the directory by typing
cd files ls -la
We can download the file by typing
then exit the ftp and type
5.1 What is the directory that has an Avengers login?
Let’s scan with gobuster first by typing in
gobuster -u http://10.10.63.212 dir --wordlist /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
When navigatin got /portal we have a login page
6.1 Log into the Avengers site. View the page source, how many lines of code are there?
It took me a while to get this by type in the user field and password field
' or 1=1--
Once log in right click view source and scroll al the way down and see the number of lines
7.1 Read the contents of flag5.txt
To reverse reading the command it tac
cd ../; ls; tac flag5.txt