Another day, another challenge…
In this post, we’re starting a new series the Advent of Cyber series that is hosted by TryHackMe. This is the third year of the Advent of Cyber where a challenge is released everyday leading to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy an elf trying to save Christmas.
In our sixth challenge, we’re presented with a scenario where McSkidy discovered some recovery keys on a web application on a server that needed to be decommissioned. The elf in charge of decommissioning the server never got around to doing the task. McSkidy realizes that the recovery keys found can be used to save other systems.
The topics explored in this challenge are Local File Inclusion (LFI), and Remote Command Execution (RCE). LFI is a vulnerability where files can be accessed from the server. This is bad as ANY file with read permissions can be accessed. LFI happens due to Un-sanitized or lack of input validation. The application accepts any input from the users. Another topic explored is RCE. RCE happens when the user can inject or write to a specific file. When a user finds LFI it’s a good idea to see if RCE is also possible. This will be helpful for our challenge.
Can McSkidy use the recovery keys to log into other systems? Find out below!
If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007