skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Exploiting the LazyAdmin Machine on TryHackMe

/ 1 min read

🦠 Step-by-step guide to exploiting the LazyAdmin machine on TryHackMe. This write-up details the process of exploiting the LazyAdmin Linux machine, starting with scanning for open ports and identifying services like SSH and Apache. The author discovers a hidden directory in the Apache server leading to the SweetRice CMS, where a backup file reveals admin credentials. After exploiting the CMS, a reverse shell is uploaded to gain user access. Finally, privilege escalation is achieved by executing a Perl script with root privileges, allowing access to the root flag. The write-up emphasizes the importance of securing web directories and file permissions to prevent such exploits.

Source
{entry.data.source.title}
Original