TryHackMe TakeOver CTF Writeup: Step-by-Step Guide to Subdomain Hacking.
Problems :-
1. What's the value of the flag?
Hint :- Don't forget to add the MACHINE_IP in /etc/hosts for
futurevera.thm ;
Solutions :-
Step 1 :-
Add the [futurevera.thm] in your [/etc/host] file. [echo -n -e
'MACHINE_IP\tfuturevera.thm | sudo tee -a /etc/hosts]
Step 2 :-
Go to the website using any browser...
First, I analyzed the page's source code, but found nothing Special.
Since this challenge involves a subdomain takeover, I will focus
on that instead.
Step 3 :-
Let's do subdomain fuzzing using ffuf tool on Kali Linux. This
tool helps detect hidden or unlisted subdomains by sending
requests to a target domain with different subdomain variations,
allowing us to discover potential takeover points.
As , you can see two subdomain [support],[blog]. Add this
subdomain in your [/etc/host] for access site.
[ echo -n -e 'MACHINE_IP\blog.futurevera.thm
support.futurevera.thm' | sudo tee -a /etc/hosts] using this cmd or
'nano ' to edit.
Step 4 :-
Let's go access the first subdomain.
I check the certificate of this subdomain, but found nothing to
special.
Step 5 :-
Let's go access the second subdomain. This time I find something
to be special.
Let's go to view the certificate of this subdomain. So , I check the
certificate of this subdomain.
Step 5 :-
Let's go access the second subdomain. This time I find something
to be special.
Let's go to view the certificate of this subdomain. So , I check the
certificate of this subdomain.
You saw the DNS name on my screen, maybe this is my dinner.
Edit your /etc/hosts file again and add this DNS name. Then, open
your browser and access the URL, but make sure to change the
[https] to [http] from the url. After doing this, it should redirect
you to the actual server.
Holax , I found the flag looking the url and also the
error.
THANK YOU FOR READING.
Read More Blog........
0 Comments