TryHackMe Whiterose Full Walkthrough | IDOR Exploit, SSTI to RCE | Python

Name: TryHackMe Whiterose Full Walkthrough | IDOR Exploit, SSTI to RCE | Python
Uploaded: Nov 30, 2025
Duration: 2398 s

Junhua's Cyber Lab3.92K subscribers

130 views

Nov 30, 2025

39:58

#cybersecurity #ctf #tryhackme Welcome back to the channel! In this video, I provide a complete, step-by-step walkthrough of the TryHackMe Whiterose room — one of the most realistic banking-themed CTFs focusing on web exploitation, SSTI, IDOR, and Linux privilege escalation. This detailed guide covers everything from initial reconnaissance to full root compromise. Perfect for beginners and intermediate users preparing for OSCP, eWPT, PNPT, and real-world penetration testing. 🕵️ What You'll Learn in This Video 🔎 1. Recon (Nmap & Virtual Hosts Enumeration) Finding key subdomains: www and admin 🔐 2. Web Exploitation – IDOR (Insecure Direct Object Reference) Logging in using given user credentials Discovering account pages with missing access controls Manipulating the URL parameter ?c= to access other users’ data Harvesting credentials by exploiting broken access control Logging in as a more privileged user to retrieve sensitive information 💥 3. EJS Server-Side Template Injection (SSTI) Observing .ejs error responses Identifying vulnerable EJS template in the Settings function Executing system commands using embedded JavaScript payload Spawning a reverse shell via BusyBox & Netcat Stabilizing the shell using Python TTY upgrade 🚀 4. Privilege Escalation – CVE-2023-22809 (sudoedit Vulnerability) Checking sudo permissions with sudo -l Discovering sudoedit NOPASSWD on nginx configuration Capturing the final flag 🧰 Tools Used Nmap FFUF Burp Suite BusyBox Netcat Python TTY Exploit references for EJS 3.1.9 & CVE-2023-22809 🎯 Why This Room Is Important Whiterose is excellent for understanding: IDOR vulnerabilities Server-side template injection (SSTI) Linux privilege escalation Realistic workflow of web application penetration testing 👉 If you find this walkthrough helpful, please LIKE, SUBSCRIBE, and COMMENT. Your support helps me produce more in-depth cybersecurity content. #EthicalHacking #BugBounty #PenetrationTesting #IDOR #SSTI #EJS #PrivilegeEscalation #LinuxEscalation #CVE202322809 #Nmap #FFUF #BurpSuite

Download

0 formats

No download links available.