This was a medium level machine from TryHackMe whose inital foothold contains API fuzzing followed by a LFI and then taking a user shell using werkzeug console. The root part contains a suid binary which we have to reverse in order to get the magic number and then root user…


This was a medium level box from Tryhackme whose initial foothold and user part was fun doing. The root was easier than user. From the failed FTP attempt to exploiting the CVE and then Ghidra for user part was interesting . Root part was just python library hijacking. …


Phase 1 : Information Gathering

Starting enumeration with nmap scan gave us 3 ports — 22,80 and 8080


This is a writeup for javascript missions from hack this site.

Challenge 1 — Idiot Test

This was just a basic challenge which required to see the javascript code below using developer tools of your browser. The code is :

function check(x){
if (x == "cookies"){
alert("win!");
window.location += "?lvl_password="+x; …

This is a writeup for Basic Missions from HTS.

Basic 1

This was just a basic challenge which emphasis HTML. So basically view the source code and you will find a comment there with a password.


This is my first post on Medium. So spare me for newbie errors. Enjoy the writeup !!

Phase-1 : Information Gathering

Rohan Sharma

CEH v11 , scripting , cyber security

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store