It’s a very good lab and you can test lots of different topics at the same time; # I scan with nmap sudo nmap -sV 10.10.124.59 # find web port to open and browse it; # in parallel I start dirbsearch to find folders sudo ./dirsearch.py -u http://10.10.124.59 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -e js,php,html -x 403,404 # so first question answer we find quickly /admin folder our secret folder; #so I understand basic Authentication and user credential need; I started password attack and …
Tag: Tryhackme
ROOM NAX https://tryhackme.com/room/nax Firstly need to read carefully the description of the room; Nax Identify the critical security flaw in the most powerful and trusted network monitoring software on the market, that allows a user authenticated execute remote code execution. 2. I started to search best network monitoring tools ; https://www.pcwdld.com/best-network-monitoring-tools-and-software 3. This name so similar to our room Nagios XI (NAX) 4. Start port scanning sudo nmap -sV 10.10.87.52 5. http://10.10.87.52 6. Welcome to Elements look like (periodic table ) so I …