Wednesday is here and it’s time for some more THM!
Today we move on to Exploit Vulnerabilities module.
In this module we will cover Automated Vs. Manual Vulnerability Research, Finding Manual Exploits, Example of Manual Exploitation and Practical: Manual Exploitation.
I’ve done this exploit before in a previous room on THM however my mind blanked completely and forgot for some reason, the python file needs to be edited and the URL of the vulnerable web application running the bookstore v1.0 needs to be input, after this has been done it needs to be run with just python (not python3) and the URL again needs to be specified within the command in order to trigger the RCE and the shell on the vulnerable host.
Flag – THM{BOOK_KEEPING}
Next, we move on to the Vulnerability Capstone module.
Overall, quick module I had done a similar module previous on THM on the bookstore and we found the shell via exploitdb however in the task we are told/hinted at using the exploit which is present on the attack box during this module.
Next we move on to the What the Shell? module on THM!
We will finish the module off tomorrow!
Until next time & don’t sleepwalk through life!
Nabad gelyo