TryHackMe: Content Discovery Writeup

Content Discovery Logo at TryHackMe

This room aims to teach the various ways of discovering hidden or private content on a webserver that could lead to new vulnerabilities. This room can be accessed using this link: https://tryhackme.com/room/contentdiscovery

Task 1: What Is Content Discovery?

  1. What is the Content Discovery method that begins with M? Answer: Manually
  2. What is the Content Discovery method that begins with A? Answer: Automated
  3. What is the Content Discovery method that begins with O? Answer: OSINT

Task 2: Manual Discovery — Robots.txt

  1. What is the directory in the robots.txt that isn’t allowed to be viewed by web crawlers? Answer: /staff-portal

Task 3: Manual Discovery — Favicon

  1. What framework did the favicon belong to? Answer: cgiirc

Task 4: Manual Discovery — Sitemap.xml

  1. What is the path of the secret area that can be found in the sitemap.xml file? Answer: /s3cr3t-area

Task 5: Manual Discovery — HTTP Headers

  1. What is the flag value from the X-FLAG header? Answer: THM{HEADER_FLAG}

Task 6: Manual Discovery — Framework Stack

  1. What is the flag from the framework’s administration portal? Answer: THM{CHANGE_DEFAULT_CREDENTIALS}

Task 7: OSINT — Google Hacking / Dorking

  1. What Google dork operator can be used to only show results from a particular site? Answer: SITE:

Task 8: OSINT — Wappalyzer

  1. What online tool can be used to identify what technologies a website is running? Answer: WAPPALYZER

Task 9: OSINT — Wayback Machine

  1. What is the website address for the Wayback Machine? Answer: https://archive.org/web/

Task 10: OSINT — GitHub

  1. What is Git? Answer: version control system

Task 11: OSINT — S3 Buckets

  1. What URL format do Amazon S3 buckets end in? Answer: .s3.amazonaws.com

Task 12: Automated Discovery

  1. What is the name of the directory beginning “/mo….” that was discovered? Answer: /monthly
  2. What is the name of the log file that was discovered? Answer: /development.log

Follow me on LinkedIn: https://www.linkedin.com/in/-prashantkumar07/

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store