Vulnversity - TryHackMe Walkthrough

Introduction:- Learn about active recon, web app attacks and privilege escalation. #Web_Pentesting Chapters:- 0:00 - Room Introduction 0:54 - Nmap Scanning 4:13 - Directory Buster - Directory BruteForce 7:57 - Exploiting File Upload 10:50 - Msfvenom - WebShell Generation 17:41 - Msfconsole - Catching ReverseShell & Data Exfil 21:04 - Linpeas and LinEnum 25:01 - Using SystemCtl - For Privilege Escalation Tools:- Tools used are as following:- #nmap - port scanning, service enumeration #dirbuster - directory brute force #msfvenom - generating PHP reverse shell #msfconsole - Reverse Shell Listener #linpeas - Linux Enumeration for post exploitation #linenum - Old Linux Enumeration tool for post exploitation #netcat - Swiss army knife of hacking, reverse shell listener Important Links:- https://linpeas.sh/ (Linpeas Download Link) https://github.com/rebootuser/LinEnum (LinEnum Download Link) https://www.kali.org/get-kali/#kali-virtual-machines (Kali Linux Vmware) https://tryhackme.com/room/vulnversity (Room URL)