Blog TryHackMe Box Writeup In every penetration testing practice we start by examining the target, starting with information gathering : Lets start by using nmap as our information gathering tool of …

InfoSecWriteUps' platform is  dedicated to providing insights and resources for cybersecurity professionals and enthusiasts. Through articles, tutorials, and security research, InfoSecWriteUps offers insights into cybersecurity vulnerabilities, attack techniques, and defense strategies. Readers can learn about penetration testing, threat intelligence, and incident response to enhance their cybersecurity knowledge and skills.

InfoSec Write-ups

A walkthrough of the 'Blog' TryHackMe CTF box covering the full attack chain: network scanning with nmap, directory enumeration with gobuster, WordPress credential brute-forcing with wpscan, exploiting the WordPress 5.0 Crop-image Shell Upload vulnerability via Metasploit to gain a foothold, discovering database credentials in config files, and escalating privileges to root via a SUID binary at /usr/sbin/checker.