Welcome to my Cybersecurity Blog!

Check out Love At First Breach Rooms All the Walkthroughs for 10 Ticketing rooms are available on this page.

Room Link: Committed unzip the committed.zip let’s check the logs for the git commit. git log --all straightaway we can see that there is a file named DB check which looks very interesting. let’s see check it out. git checkout 3a8cc16f919b8ac43651d68dceacbb28ebb9b625 ls cat main.py and here we go we found the flag.

Room Link: Crypto Failures upon visiting the web of the IP of target machine we can see: so here it says we are logged in as guest and upon visiting the source code of this website. we can see there is a comment in the file which says: so let’s run a Gobuster scan and see what we get here. gobuster dir -u http://10.48.162.78 -w /usr/share/wordlists/dirb/common.txt -x bak,php,js,txt ...

Room Link: LazyAdmin Room Link add machine IP to /etc/hosts sudo echo "10.48.181.50 lazyadmin.thm" >> /etc/hosts First we are gonna perform NMAP scan nmap -A lazyadmin.thm -T5 -v this is what we got. let enumerate the directories gobuster dir -u http://lazyadmin.thm -w /usr/share/wordlists/dirb/common.txt we found these directories lets visit them this is what is in the /content upon seeing this we can identify that this website is built on basic-cms - sweet rice ...

Room Link: Operation Slither Room Link let’s see what info do we have here. so the name of the leader here is: @v3n0mbyt3_ On a simple google search we can see the X account under the name. but we have to find another social media where @v3n0mbyt3_ is used as a username. just scroll down more and you will see a new social media platform from meta. going to the replies we can see there is a base64 encoded text here ...

Room Link: Keldagrim Room Link We gonna start with NMAP scan: Even if it is showing that these ports are filtered we are going to check it by visiting the website on port 80. add the IP to the /etc/hosts. okay we can visit the website and we can see that there multiple things listed on the website, from that we can enumerate more on the directories. upon seeing the website, there is /admin which is greyed out and visiting it isn’t showing anything. ...

Room Link: Airplane Room Link First of all add the machine IP to /etc/hosts As always we will perform a NMAP scan: $ nmap -sT -p- airplane.thm -T4 Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-06-07 20:01 CEST Nmap scan report for airplane.thm (10.10.196.89) Host is up (0.064s latency). Not shown: 65532 closed tcp ports (conn-refused) PORT STATE SERVICE 22/tcp open ssh 6048/tcp open x11 8000/tcp open http-alt We found 3 open Ports here: ...

Room Link: Smag Grotto Room Link NMAP Scan we can see there are 2 services on port 22 and port 80. we will check out port 80. upon directory enumeration, we found an interesting directory on the website lets explore it, here we can see an attachment with .pcap extension, let’s download it and open it with wireshark. as you can see in the image we upon examining the POST request, we found out the credentials, now we are going to try them in on the HOST website i.e development.smag.thm . ...

These Design Flaws Contain: 1. AS02: Security Misconfigurations 2. AS03: Software Supply Chain Failures 3. AS04: Cryptographic Failures 4. AS06: Insecure Design AS02: Security Misconfigurations Happens when system, servers or applications are deployed with unsafe defaults, incomplete settings, or exposed services. These are not code bugs but mistakes in how the environment, software or network is set up. They create easy entry points for attackers. even a small misconfig can expose sensitive data, enable priv esc, of give foothold to the attackers. Modern applications rely on complex stacks, cloud services, and third-party APIs. A single exposed admin panel, an open storage bucket, or misconfigured permissions can compromise the entire system. ...

This room will introduce you to 3 elements of the OWASP Top 10 list (2025). In this room, you will learn about the elements relating to application behaviour and user input. We will cover these vulnerabilities briefly, how to prevent them, and finally, you will practice exploiting these vulnerabilities: A04: Cryptographic Failures A05: Injection A08: Software or Data Integrity Failures How to Prevent Cryptographic Failures Preventing cryptographic failures starts with choosing strong, modern algorithms and implementing them properly. Sensitive information such as passwords should be hashed using robust, slow hashing functions like bcrypt, scrypt, or Argon2. When encrypting data, avoid creating your own algorithms; instead, rely on trusted, industry-standard libraries. ...