
Complete TryHackMe WebAppSec 101 Walkthrough

TryHackMe WebAppSec 101

https://tryhackme.com/room/webappsec101

Task 1  Basic Description & Objectives

Task 2  Walking through the application

In task 2 we fingerprint the web server before touching the application: the server product and version, and the backend language and its version, can all be read from the service banner and the HTTP response headers.

Answer the questions below

What version of Apache is being used?

nmap -sV -sC -A 10.10.118.26

The Apache version shows up in the port 80 service banner (and in the Server response header). Note that -A already enables -sV and -sC, so nmap -A alone gives the same result.

Alternatively, fetch the page with curl, save only the response headers (-D) to a file and discard the body:

curl -s -D info_header.txt 10.10.118.26 > /dev/null

Read the file and pull the answers from the Server and X-Powered-By header values.

cat info_header.txt

What language was used to create the website?

We can read this from the X-Powered-By header.

PHP

What version of this language is used?

The version is in the same X-Powered-By header, right after the language name.

5.5.9
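As an added example (not part of the room or of the original walkthrough), the script below parses the header dump that curl -D writes and extracts the same facts the questions ask for: server product and version, backend language and version from X-Powered-By, and the names of any cookies set. The embedded header block is a constructed stand-in for info_header.txt; the PHP version matches the room, while the Apache version string and the cookie value are assumptions.

```python
"""Fingerprint a web server from the header dump written by
`curl -s -D info_header.txt <host> > /dev/null`.

Added example for this walkthrough; not code from the TryHackMe room.
SAMPLE_HEADERS is a constructed stand-in for info_header.txt: the PHP
version matches the room, the Apache version and cookie value are assumed.
"""
import re
import sys

SAMPLE_HEADERS = """HTTP/1.1 200 OK
Date: Mon, 01 Jan 2024 00:00:00 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Set-Cookie: SESSION=abc123; path=/
Content-Type: text/html
"""


def parse_headers(raw):
    """Return (status_line, headers) for the last response in a curl -D dump.

    curl writes one header block per hop when it follows redirects (-L), so
    the dump is split on blank lines and only the final block is used.
    Header names are case-insensitive, so keys are lowercased; values are
    kept as lists because headers such as Set-Cookie may legitimately repeat.
    """
    blocks = [b for b in re.split(r"\r?\n\s*\r?\n", raw.strip()) if b.strip()]
    if not blocks:
        return "", {}
    lines = blocks[-1].splitlines()
    status = lines[0].strip()
    headers = {}
    for line in lines[1:]:
        if ":" not in line:
            continue
        name, value = line.split(":", 1)
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return status, headers


def product_version(value):
    """Split 'Apache/2.4.7 (Ubuntu)' or 'PHP/5.5.9-1ubuntu4.29' into
    (product, version). Only the leading dotted number after the slash is
    taken as the version; distro suffixes like '-1ubuntu4.29' are dropped.
    A bare product name with no slash yields (name, None)."""
    m = re.match(r"\s*([A-Za-z][\w.-]*)/(\d+(?:\.\d+)*)", value)
    if not m:
        return value.strip(), None
    return m.group(1), m.group(2)


def fingerprint(raw):
    """Answer the task 2 questions from a header dump."""
    status, h = parse_headers(raw)
    info = {"status": status, "server": None, "server_version": None,
            "language": None, "language_version": None, "cookies": []}
    if "server" in h:
        info["server"], info["server_version"] = product_version(h["server"][0])
    if "x-powered-by" in h:
        info["language"], info["language_version"] = product_version(h["x-powered-by"][0])
    # Cookie names are what task 4 goes on to tamper with, so collect them too.
    for cookie in h.get("set-cookie", []):
        info["cookies"].append(cookie.split("=", 1)[0].strip())
    return info


if __name__ == "__main__":
    # Usage: python fingerprint.py info_header.txt   (falls back to the sample)
    raw = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_HEADERS
    for key, value in fingerprint(raw).items():
        print(f"{key}: {value}")
```

Both headers are self-reported: ServerTokens Prod strips the Apache version and expose_php = Off removes X-Powered-By entirely, and nmap -sV reads the same banner, so a missing or odd value is not evidence on its own. Run the script against your own info_header.txt to get the room's values.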

Task 3  Establishing a methodology

Task 4  Authentication

Open the target IP in Firefox with Burp Suite configured as the proxy so that every request and response between the browser and the web server is intercepted. Then walk through the login flow and look at the parameters and cookies being exchanged.


Answer the questions below

What is the admin username?

What is the admin password?

What is the name of the cookie that can be manipulated?

SESSION

What is the username of a logged on user?

What is the corresponding password to the username?

Task 5  Cross Site Scripting (XSS)

Answer the questions below

Test for XSS on the search bar

<script>alert("RFS")</script>

Test for XSS on the guestbook page

<script>alert("RFS")</script>

Test for XSS behind the flash form on the home page

<script>alert("RFS")</script>
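Submitting the payload and watching for the alert works in the browser, but it helps to know what "vulnerable" looks like in the raw response. The following is an added example, not code from the room or the original walkthrough: the search page and guestbook are constructed stand-ins (one echoing input unencoded, one applying output encoding), and reflection_state() classifies whether the payload came back live, entity-encoded, or not at all. It covers both the reflected case (search bar) and the stored case (guestbook).

```python
"""Decide whether an XSS payload sent to a page is reflected (or stored)
unencoded, so an alert() would actually run, or came back entity-encoded.

Added example for this walkthrough; not code from the TryHackMe room.
vulnerable_search / hardened_search and Guestbook are constructed stand-ins
for the target's search page and guestbook, not its real source.
"""
import html

PAYLOAD = '<script>alert("RFS")</script>'


def vulnerable_search(q):
    # Stand-in for a PHP page doing `echo $_GET['q']` with no output encoding.
    return f"<html><body><p>Results for: {q}</p></body></html>"


def hardened_search(q):
    # Same page with output encoding (the PHP equivalent is
    # htmlspecialchars($q, ENT_QUOTES)): & < > " ' become entities, so the
    # browser renders the payload as text instead of executing it.
    return f"<html><body><p>Results for: {html.escape(q, quote=True)}</p></body></html>"


class Guestbook:
    """Stand-in for the guestbook: entries persist and are rendered to every
    later visitor, so an unencoded entry is stored (persistent) XSS."""

    def __init__(self, escape_output):
        self.entries = []
        self.escape_output = escape_output

    def post(self, name, message):
        self.entries.append((name, message))

    def render(self):
        enc = (lambda s: html.escape(s, quote=True)) if self.escape_output else (lambda s: s)
        items = "".join(f"<li><b>{enc(n)}</b>: {enc(m)}</li>" for n, m in self.entries)
        return f"<html><body><ul>{items}</ul></body></html>"


def reflection_state(body, payload):
    """'raw' if the payload appears verbatim in the response (the script tag
    is live), 'escaped' if only an entity-encoded copy appears, 'absent' if
    it was dropped or filtered. Both quote-encoding variants are checked
    because encoders differ on whether they touch quotes."""
    if payload in body:
        return "raw"
    for variant in (html.escape(payload, quote=True), html.escape(payload, quote=False)):
        if variant in body:
            return "escaped"
    return "absent"


def check_reflected(render, payload=PAYLOAD):
    """Reflected XSS check: submit the payload and inspect the same response."""
    return reflection_state(render(payload), payload)


def check_stored(guestbook, payload=PAYLOAD):
    """Stored XSS check: post the payload, then view the page as a fresh
    visitor and see whether it comes back live."""
    guestbook.post("RFS", payload)
    return reflection_state(guestbook.render(), payload)


if __name__ == "__main__":
    print("search (vulnerable):   ", check_reflected(vulnerable_search))
    print("search (hardened):     ", check_reflected(hardened_search))
    print("guestbook (vulnerable):", check_stored(Guestbook(escape_output=False)))
    print("guestbook (hardened):  ", check_stored(Guestbook(escape_output=True)))
```

A "raw" hit from string matching is a strong signal but not proof: where the reflection lands matters (inside an HTML comment, a textarea or a JavaScript string you need a different payload to break out), and a Content-Security-Policy can still block the inline script. Confirm the alert in the browser, with Burp showing you the exact response context.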

Task 6  Injection

Task 7  Miscellaneous & Logic Flaws

Answer the questions below

Find a parameter manipulation vulnerability

Find a directory traversal vulnerability

Find a forceful browsing vulnerability

Logic flaw: try get an item for free