Introduction

Detailed walkthroughs for Smol CTF challenges on TryHackMe .

Description

At the heart of Smol is a WordPress website, a common target due to its extensive plugin ecosystem. The machine showcases a publicly known vulnerable plugin, highlighting the risks of neglecting software updates and security patches. Enhancing the learning experience, Smol introduces a backdoored plugin, emphasizing the significance of meticulous code inspection before integrating third-party components.

Enumaration

echo 10.10.7.163 smol.thm >> /etc/hosts

Mappped the ip to domain smol.thm.

Introduction

Detailed walkthroughs for Block CTF challenges on TryHackMe .

Description

One of your junior system administrators forgot to deactivate two accounts from a pair of recently fired employees. We believe these employees used the credentials they were given in order to access some of the many private files from our server, but we need concrete proof. The junior system administrator only has a small network capture of the incident and a memory dump of the Local Security Authority Subsystem Service process. Fortunately, for your company, that is all you need.

Introduction

Detailed walkthroughs for Chrome CTF challenges on TryHackMe .

Description

A password manager is only as strong as the password that encrypts it. You find that a malicious actor extracted something over the network, but what? Help us find out!

1.What is the first password that we find?
2.What is the URL found in the first index? Fully defang the URL
3.What is the password found in the first index?
4.What is the URL found in the second index? Fully defang the URL
5.What is the password found in the second index?

From the above questions, we assume that will find the paswords and urls using the task file.