A detailed walkthrough of exploiting the Voyage TryHackMe challenge, covering reconnaissance with nmap, exploiting Joomla CVE-2023-23752 for credential disclosure, gaining Docker container access, performing network pivoting to discover internal services, exploiting insecure pickle deserialization in a Flask application for
Table of contents
nmapSSHHTTP(80)EnumerationDocker AccessInternal pivotingInsecure DeserializationGaining AccessInsecure pickle deserializationVulnerabilities in dockerExploiting Cap_sys_moduleGet Mostafagabr’s stories in your inboxBonusSort: