Open in app

Sign in

Write

Sign in

Member-only story

Lunizz CTF Tryhackme Writeup

Vijay Kumar Gupta
5 min readAug 20, 2024

--

This is a Writeup of Tryhackme room “Lunizz CTF”

Room link: https://tryhackme.com/room/lunizzctfnd
Note: This room is Free

Enumeration

Rustscan

Directory Brute Forcing with Gubuster

We saw port 80 is open, so let’s brute force the directories and files which are exposed by this web server using ffuf:

gobuster dir -u http://10.10.106.159/ -w directory-list-2.3-medium.txt -x .php,.html,.txt
http://10.10.106.159/whatever

The “whatever” directory looks interesting as this indicates that we can run commands on the server,but the mode looks to be disabled:

/instructions.txt

--

--

Vijay Kumar Gupta
Vijay Kumar Gupta

Written by Vijay Kumar Gupta

450 Followers
2 Following

Vijay Gupta is an inspiring public speaker and social entrepreneur who has dedicated his life to bringing about positive change and empowering communities.

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams