‘Skynet’ is a box on TryHackMe. We’ll be enumerating SMB shares, brute forcing a login and exploiting a Remote File Inclusion vulnerability in Cuppa CMS for a foothold. For our root shell we’ll take a look at exploiting some wildcard injection using a script that’s being run as a cronjob.

THM Challenge

‘THM Challenge’ is a WebApp that I wrote to send along with my CV to TryHackMe when they were recruiting Content Engineers

Peak Hill

‘Peak Hill’ box created by John Hammond on TryHackMe. We’ll be checking out a FTP server with anonymous login, Python’s pickle module and a neat custom challenge that we need to exploit.