Home Research CTF TryHackMe Contact

// ctf · mars

Writeups

25 TryHackMe rooms. Step-by-step methodology, from enumeration to root.

25 rooms solved
Easy / Medium / Insane
TryHackMe platform

TryHackMe Profile

0xb0rn3

All rooms below are documented with full attack methodology from initial recon to root.

View Profile

Showing 25 / 25

EasyTryHackMe

Pickle Rick

Web enumeration and command injection on a Rick and Morty themed challenge.

Writeup
EasyTryHackMe

Agent Sudo

Steganography chain and CVE-2019-14287 — a sudo privilege bypass without a password.

Writeup
EasyTryHackMe

Bounty Hacker

FTP enumeration, SSH brute-force, and a classic sudo privilege escalation.

Writeup
EasyTryHackMe

Simple CTF

SQL injection for initial access, followed by sudo abuse for root.

Writeup
EasyTryHackMe

Sticker Shop

Stored XSS exploitation to exfiltrate session data and capture the flag.

Writeup
EasyTryHackMe

Hidden Deep Into My Heart

Web enumeration and directory brute-forcing to uncover hidden flags.

Writeup
EasyTryHackMe

W1seGuy

XOR cipher analysis and key recovery through frequency analysis.

Writeup
MediumTryHackMe

0Day

Custom exploit development chain targeting a vulnerable web service for RCE.

Writeup
MediumTryHackMe

Attacktive Directory

Active Directory enumeration, Kerberoasting, and full domain compromise.

Writeup
MediumTryHackMe

Biohazard

Multi-stage challenge: web enumeration, steganography, and encoding chains.

Writeup
MediumTryHackMe

Cheese

Web application exploitation and post-exploitation privilege escalation.

Writeup
MediumTryHackMe

Chill Hack

Web foothold via command injection, then Docker container escape to root.

Writeup
MediumTryHackMe

Crypto Failures

Exploiting weak cryptography in a web application to gain unauthorized access.

Writeup
MediumTryHackMe

Dogcat

PHP LFI vulnerability escalated to RCE via Apache log poisoning.

Writeup
MediumTryHackMe

Ghizer

Multi-vulnerability chain from web foothold through to root escalation.

Writeup
MediumTryHackMe

Rabbit Store

SSRF, JWT manipulation, and privilege escalation chained for full root compromise.

Writeup
MediumTryHackMe

Relevant

Windows SMB enumeration and token impersonation for privilege escalation.

Writeup
MediumTryHackMe

Rootme

Web shell upload to initial access, then SUID binary abuse for root.

Writeup
MediumTryHackMe

Silver Platter

Service enumeration leads to credential exposure and a clear path to root.

Writeup
MediumTryHackMe

UltraTech

API command injection followed by Docker socket abuse for container escape.

Writeup
MediumTryHackMe

VulnNet: Internal

Internal service enumeration across NFS, Redis, and SMB to full compromise.

Writeup
MediumTryHackMe

Wgel CTF

WordPress enumeration leads to SSH key exposure, then sudo privilege escalation.

Writeup
MediumTryHackMe

Wonderland

Alice in Wonderland themed privilege escalation chain involving PATH hijacking.

Writeup
MediumTryHackMe

Year of the Pig

Custom web application exploitation chained with Linux privilege escalation.

Writeup
InsaneTryHackMe

Snowy Armageddon

Advent of Cyber 2023 side quest — extended multi-stage challenge chain.

Writeup