capture the flag, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 7 – Migration Without Security #TisTheSeasonForHacking


Another day, another challenge…

In this post, we’re starting a new series the Advent of Cyber series that is hosted by TryHackMe. This is the third year of the Advent of Cyber where a challenge is released everyday leading to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy an elf trying to save Christmas.

In our seventh challenge, we’re presented with a scenario where the application that handles the Gift requests is vulnerable due to the changing of the technology stack. The Grinch has figured this out and has control of the system, but did not patch it, so now we can exploit the same system as well.

The topics explored in this challenge are NoSQL or Non SQL which is similar to MySQL or Microsoft SQL Server (MSSQL) except NoSQL is used for Internet of Things (IoT) and Big Data for its fast queries and easy data structures. In this challenge we’re going to use MongoDB which is a free NoSQL database.

Can McSkidy use the information learned about NoSQL to retrieve the gift requests? Find out below!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007