Biohazard — TryHackMe — WriteUp

nmap -A -T4 -p- -v <ip>

nmap
website
mansion
page source mansion
/diningRoom
emblem flag
page source diningRoom
decode
/teaRoom/
lockpick flag
/artRoom/
MansionMap
/barRoom
READ
music sheet flag
gold emblem flag
hint
decode

http://<ip>/diningRoom/the_great_shield_key.html

shield_key
/diningRoom2F
page source diningRoom2F
Caesar Cipher decode

http://<ip>/diningRoom/sapphire.html

blue jewel flag
/tigerStatusRoom
crest 1
crest 1 decoded
/galleryRoom
crest 2
crest 2 decoded
/armorRoom
crest 3
crest 3 decoded
/studyRoom
/attic
crest 4
crest 4 decoded

RlRQIHVzZXI6IGh1bnRlciwgRlRQIHBhc3M6IHlvdV9jYW50X2h pZGVfZm9yZXZlcg==

FTP creds
FTP login
ls
important.txt
/hidden_closet
hint

steghide extract -sf 001-key.jpg

steghide
key-001.txt

exiftool 002-key.jpg

002-key

binwalk 003-key.jpg

binwalk

binwalk -e 003-key.jpg

key-003.txt

cGxhbnQ0Ml9jYW5fYmVfZGVzdHJveV93aXRoX3Zqb2x0

decode

gpg — decrypt helmet_key.txt.gpg

helmet flag
/hidden_closet
EXAMINE
READ
/studyRoom
ssh user

ssh umbrella_guest@<ip>

ssh login
ls -al
chris.txt
decode
weasker’s home
weasker_note.txt
sudo -l
root.txt

HAPPY HACKING

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store