https://app.hackthebox.com/machines/Cap This is a very easy box. With Hack The Box, it takes a long time to run nmap. I started nmap and loaded up the IP in my web browser to see if there was a website. Enumeration Initial Web Enumeration Visiting http://10.10.10.245/, the title page mentioned /ip. However, instead of running wfuzz immediately, … Read more
Challenge Overview This challenge provided a downloadable file named cat.ab, which was identified as an Android Backup file. The goal was to analyze the backup and extract hidden information, ultimately leading to the discovery of the flag. Step 1: Identifying the File Type After downloading the file, I used the strings command to inspect its … Read more
Lesson Learned” TryHackMe Box Introduction The Lesson Learned box on TryHackMe is a realistic web application that challenges users to think like attackers. Unlike traditional CTF-style challenges, it encourages treating the target as a real-world system, forcing a more methodical approach. My objective was simple: bypass authentication and retrieve the flag. However, I encountered multiple dead ends before finally … Read more