Discover the tools to build your own vision.

β€” Another method of Encryption.

β€” It was known for its β€œnon-reversible” nature. Simply put, it cannot be decrypted.

But brutal we tech people are. 😈

Developed many tools/websites which can easily β€œidentify” the type of hash as well as can β€œdecrypt”…


Tools and Commands Used to Solve this Room

Link to the Room: https://tryhackme.com/room/webfundamentals

Task 1 Introduction and objectives
- [Completed]

Task 2 How do we load websites?

  • What request verb is used to retrieve page content?


Tools and Commands Used To Solve This Room.

* All answers found using β€œZenmap”.

  • How many ports are open?
    * 3 ports.
  • What is the version of nginx?
    * Version is 1.16.1.
  • What is running on the highest port?
    * Apache Service running on the highest port.


Tools and Commands Used to Solve This Room.

  • Deploy the machine.
    [Completed]
  • Find open ports on the machine.
    * Zenmap.


Tools and Commands Used to Solve this Room

  • zenmap
    * open ports = 21, 22, 80
    * open service = ftp with credientials


Tools and Commands used to solve this room.

  1. Found Via Zenmap.
    open port (21, 22, 80)
    open FTP service on port 21 with anonymous credentials.

2. FTP service is open which means check the IP source page on the browser.

3. Web page has image and source page asking for steganography.

1. image cracked via stegcracker.
- new file created.
- read (β€˜cat’) file to find Holts password.

2. SSH to holt’s with IP.
β€” (ls β€” will show user file) β€” [user flag]
β€” (sudo -l, will show /bin/nano to read β€˜sudo /bin/nano root/root.txt’) β€” [root flag]


Tools used to find the answer.

#1 Deploy the machine and connect to our network.

  • ( Completed ).

#2 Find the services exposed by the machine.

  • ( 80, 22, 139, 445,..) Via Nmap/Zenmap.

#3 What is the name of the hidden directory on the webserver(enter name without /)?

  • ( β€˜/development’, Found Via dirsearch ).

#4 User…


Everything in life has some risk. What you have to actually learn to do is how to navigate it.

There are many websites out there who give you the definitions of risk management and their steps, which at that moment will be understandable and memoizable but after a while, you…

Sana Qazi

Sana Qazi is a Technical Writer specialized in Information Security. She is a writer by day and a reader by night.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store