TryHackMe | IDE Room Walkthrough [Voice | Explained]

00:00 - Intro 00:10 - Using Rustscan for port scanning. 00:50 - Enumerating FTP. 02:25 - Found username and possible password. 04:30 - Enumerating TCP Port 80, found nothing. 06:06 - Enumerating TCP Port 62337 on which Codiad seems to be running. 08:00 - Logged in with default password - found public exploit using searchsploit. 13:34 - Got the reverse shell back - explaining why we need two netcat listeners. 17:06 - Finding potential ways of privilege escalation. 17:45 - Found password in .bash_history file - explaning why mysql asks for password even after providing -p flag. 18:53 - MySQL is not found inside the machine, trying password reuse. 19:52 - Got in as drac via SSH - found that we can restart FTP server as root. 23:17 - Inserting reverse shell payload inside service file to get back root shell. Write-up: https://noobtech.pro/writeup/tryhackme/ide-write-up/ Exploiting a Codiad which is vulnerable to RCE which give us a reverse shell back - following with sudo privilege escalation. Join the discord server for frequent giveaways and resources. You can help me in keep running these giveaways via Patreon. Patreon: https://www.patreon.com/TechMafia Discord: https://discord.gg/jwqyjtBtaD