TryHackMe Box Walkthrough : Inclusion
A basic level LFI challenge for beginner.
Lets launch the machine before launching the machine make sure your vpn is connected. After Launching we will get ip of the machine.
Starting with a simple nmap scan
Command : nmap -sC -sV -p- — min-rate=10000 -oN nmap <machine_ip>
We see that 2 ports are open 22 (SSH), 80 (http). It means there must be a webpage.
We get this page and as we know it is an LFI challenge but there is no parameter in the URL to inject our LFI payload. So when we click on the LFI-attack to see we get any parameter.
we got a parameter ?name=lfiattack. As we went inside the LFI attack we found some information about how LFI vulnerabilty works. So I will try LFI attack on this webpage.
We will use this credentials to login with SSH.
We found our first flag now copy and paste the flag in THM.
To escalate our privilege we will what commands can we run as root.
I will go to GTFO Bins to see what payload or command is available for /usr/bin/socat.
sudo socat stdin exec:/bin/sh
Successfully Escalated Privilege to Root now I will look for root flag.
Finally we found the root flag. Copy and paste the flag in THM site and finish the challenge.
If you found this usefull do leave a clap.