Tryhackme Cct2019

This event took place during a massive growth period for the TryHackMe platform. It fostered a sense of community as players took to Discord and forums to discuss methodologies (without giving away answers). It solidified the "hacker mindset" of collaborative learning.

| Phase | Tools / Commands | |----------------------|----------------------------------------------------------------------------------| | Reconnaissance | nmap -sC -sV , gobuster , whatweb , burpsuite | | Web Exploitation | Concrete5 exploit (manual or Metasploit auxiliary), PHP reverse shell | | Privilege Escalation | sudo -l , LinPEAS, Python library hijacking, Dirty Cow (CVE-2016-5195) | | Pivoting | SSH tunneling, scp , netstat , route | | Post-Exploitation | find for flags, md5sum verification, manual decryption with openssl | tryhackme cct2019

The backup.sh script is writable by the elf group. The attacker replaced its content with: This event took place during a massive growth