TryHackMe: Local File Inclusion Writeup

Local File Inclusion Logo at Tryhackme

This room aims to understand and exploit a web server that is vulnerable to the Local File Inclusion (LFI) vulnerability. This room can be accessed using this link: https://tryhackme.com/room/lfi

Task 1: Deploy

  1. Deploy the VM and access its web server: http://MACHINE_IP. Answer: No answer needed

Task 2: Getting user access via LFI

  1. Look around the website. What is the name of the parameter you found on the website? Answer: page
  2. You can read the interesting files to check out while testing for LFI. Answer: No answer needed
  3. This file can give information about the system like the name of all the existing users on the system. Answer: No answer needed
  4. What is the name of the user on the system? Answer: falcon
  5. Once you find the name of the user it’s important to see if you can include anything common and important in that user’s directory, could be anything like theirs .bashrc etc. Answer: No answer needed
  6. Name of the file which can give you access to falcon’s account on the system? Answer: id_rsa
  7. What is the user flag? Answer: B8LEGIF049JT4RTVWUG4

Task 3: Escalating your privileges to root

  1. What can falcon run as root? Answer: /bin/journalctl
  2. Search gtfobins via the website or by using gtfo tool, to see if you find any way to use that binary for privilege escalation. Answer: No answer needed
  3. What is the root flag? Answer: H1EQRK5XEX140H2KMO08
  4. Why not complete the LFI beginner level challenge next? Answer: No answer needed

Follow me on LinkedIn: https://www.linkedin.com/in/-prashantkumar07/

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} Gladiator: Rise of Legends Hack Free Resources Generator

How to Upgrade log4j

The Increasing Sophistication of TikTok Crypto Scammers

How Typing A URL Gives You A Website

The Quantum Threat To Cryptography

De-cluttering data to make the fight against fraud more effective

Happy International Data Protection Day!

{UPDATE} Wort Kreuz Hack Free Resources Generator

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
TheCyberWarrior

TheCyberWarrior

More from Medium

TryHackMe: Sublist3r Writeup

Sublister Logo at Tryhackme

Mustacchio — TryHackMe CTF Walkthrough

TryHackMe: [Day 2] Web Exploitation Elf HR Problems

Hack the Box — Beep Writeup