TryHackMe AoC3 — Day 3 Walkthrough

TryHackMe Advent of Cyber 3

AoC Day 3 is all about content discovery and authentication bypass.

Content discovery is exactly what it sounds like, finding content in an application. Files, folders, and different assets that were not intended for the general public.

Authentication Bypass is a loophole or vulnerability that lets a malicious actor use a program on your PC without needing a user name or password.

Day 3 is also the first day we will be using Kali. (I will be using Kali for all walkthroughs, you can use Kali, Parrot, or whichever distro you have set up for pen testing.)

Video Walkthrough: https://www.youtube.com/watch?v=7kLBqbJL-Gk

AoC3 Day 3- Web Exploitation Christmas Blackout

The first thing to do is go through all the information presented on the task to get a better understanding of Content Discovery and Authentication Bypass.

The first thing we are going to need to do it start up the machine. This button will on the top left of the task. This will take about a minute to start up.

Start machine button on the top left

To connect via to THM via OpenVPN, please reference this room.

— — — — — — — — — — — — — — — — — —

Question 1:
Using a common wordlist for discovering content, enumerate http://MACHINEIP to find the location of the administrator dashboard. What is the name of the folder?

Walkthrough: We are going to use dirb to find the location of the admin dashboard. We will be using the wordlist, common.txt.

We are going to open up the terminal on Kali and type in this command:

sudo dirb http://MACHINEIP // -l usr/share/wordlists/dirb/common.txt

As you can see one of the first directories found was /admin.

Answer: Admin

— — — — — — — — — — — — — — — — — —

Question 2:
In your web browser, try some default credentials on the newly discovered login form for the “administrator” user. What is the password?

Walkthrough: If you read through the entire task you should see a list of default administrator credentials. We are going to try one of those.

Some default credentials

First, navigate to http://MACHINEIP/admin and you will see the login screen below.

Lets try the first set of credentials. Username: administrator and the password administrator.

That was successful login!

Answer: Administrator

— — — — — — — — — — — — — — — — — —

Question 3: Access the admin panel. What is the value of the flag?

Walkthrough: This is fairly straightforward. Click OK and you will be brought to the admin panel.

Check out the bottom underneath ELF MCSKIDY and you will see the flag.

Answer: THM{ADM1N_AC3SS}

--

--

--

Learning Cybersecurity and IT, one day at a time. A+ and Net+ certified.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

ASP.NET Web API & Angular 10 Clean Architecture

Using Built-in Methods for User-defined Classes in Python.

Dart — Using Triple Dot (…) Spread

MVC/MVP/MVVM/CLEAN/VIPER/REDUX/MVI/PRNSAASPFRUICC — building abstractions for the sake of building…

Short explanation about Unix time

HomePass for HomeKit App REVIEW | MacSources

How Can a Software Developer Prepare Quickly for a Job Interview?

Enabling TLS in the Dev Loop: Self-Signed Certs, nip, and edgestack.me

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Rubelefsky

Rubelefsky

Learning Cybersecurity and IT, one day at a time. A+ and Net+ certified.

More from Medium

Hack The Box — Nibbles

IDOR | TryHackMe (THM)

It’s funny to look back on my first 2 entries and see that:

TryHackMe — Network Fundamentals — Extending Your Network