Skip to content

anurag708989/Advent-of-Cyber-2020

BranchesTags

Repository files navigation

Advent-of-Cyber-2020

Tryhackme event Advent of Cyber 2020 !!!

1-web exploitation

1-No answer needed

2-what is the name of the cookie for authentication?

press F12

auth

3-In what format the value of cookie is encoded?

Hexadecimal

4-Having decoding the cookie in what format data is stored in ?

Json(after decoding we get {"company":"The Best Festival Company", "username":"admin"})


### 5-What is the value of santa cookie?

7B22636F6D70616E79223A22546865204265737420466573746976616C20436F6D70616E

79222C2022757365726E616D65223A2273616E7461227D

6-After reactivating the assembly line what is the flag you are given?

THM{MjY0Yzg5NTJmY2Q1NzM1NjBmZWFhYmQy}

2- Web Exploitation (The Elf Strikes back)

1-What string of text needs added to the URL to get access to the upload page?

?id=ODIzODI5MTNiYmYw

actual url path http:///index.php?id=ODIzODI5MTNiYmYw

2-What type of file is accepted by the site?

->image

3-in which directry upload files are stored

[: payload works = .png.php]

/uploads/{use gobuser or dirbuster}

4-no answer needed

5-What is the flag in /var/www/flag.txt?

THM{MGU3Y2UyMGUwNjExYTY4NTAxOWJhMzhh}

3- Web Exploitation (Christmas Choas)

1-no answer needed

2-what is the flag

THM{885ffab980e049847516f9d8fe99ad1a}

About

Tryhackme event Advent of Cyber 2020 !!!

Topics

http authentication reverse-shell cookie decoding web-exploitation tryhackme advent-of-cyber advent-of-cyber-writeups get-params-from-url advent-of-cyber-2020 default-authentication

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published