Root Me — TryHackMe

Share on facebook
Share on twitter
Share on linkedin
Share on reddit

Root Me — TryHackMeArt of Escalation

Welcome back amazing hackers in this blog I came with another interesting topic RootMe walkthrough which is based on file upload and gaining shell find the flags.

Without wasting time let's get into the walkthrough. Firstly I perform a Nmap scan whether any useful information was obtained or not.

I had two open ports which were ports 22 and 80 opened. Then I opened 80 on the browser which was not interesting information.

I use the Gobuster tool for any hidden directory or some useful directories.

Then I find useful directories such as /uploads and /panel.

I redirected to /panel directory in a browser and checked out information and I saw one upload functionality there. I took PHP-reverse shell.php and modify the IP with my IP and I change the port number and started listening to Netcat.

nc -lvnp 4444

I Upload the PHP-reverse-shell.php but unfortunately couldn’t work.

So I refer to some bypassing techniques from googling it made me bypassed.

Instead of .php i use .phtml extension.

Then I navigated to /uploads location and I clicked the file Vola!!!

Then use

Read more

Explore the site

More from the blog

Latest News