[ 🡅 Move up ]
00: Structure [ Next 🡆 ]
Before we move on to actual challenges, I should explain how the following writeup is structured.
Because I don't like the naming convention used on TryHackMe, I decided to implement my own.
Each Stage (formally known as Task on TryHackMe) is divided into Tasks (formally knows as Questions) that you need to complete in order to gain points.
It's important to note that you don't need to finish all tasks before you can unlock the next stage. In fact, Stages don't form a linear progression system, although they tend to increase in difficulty and complexity the lower on the list they are. The only prerequisite for a given Stage (if any) is the access to particular user account.
All Stages focus on finding a way to gain access into an user account. Stages are accompanied by Tasks, of which at least 1 requires you to have already hacked into particular account in order to complete.
Article explain every stage will be divided with following sections in mind
This section is devoted to the thought process behind finding and exploiting the vulnerability in question. It is divided into 4 sub-sections:
- Briefing - contains information about the task, straight from the CTF website
- Reconnaissance - looking for the Attack Vector to exploit
- Attack Vector - description of the found vulnerability
- Execution - using the Attack Vector to gain access into the user account
This section focuses on how to gain access into user account and might accidently solve some of the Tasks - their solution will always be posted in a section below regardless.
This section talks about the weakpoint of the system, how the vulnerability we previously used came to life and how to prevent it from appearing in the first place.
This section explains how to complete all the Tasks in the current Stage.
[ 🡅 Move up ]
00: Structure [ Next 🡆 ]