all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

MD2PDF — TryHackMe Walkthrough Writeup

Add to bookmarks
March 31, 2023, 12:56 p.m. | 0xEchidonut

InfoSec Write-ups - Medium infosecwriteups.com

MD2PDF — TryHackMe Walkthrough Writeup

Hello Everyone! It’s been awhile since my last writeup. I’ve been focusing lately on CTFs more than bug bounty.

MD2PDF

MD2PDF (https://tryhackme.com/room/md2pdf) is an Easy CTF challenge that is very much beginner friendly.

Recon

MD2PDF stands for Markdown2PDF. The homepage offers a functionality which converts HTML markup to PDF format. This pretty much opens up the possibilities for XSSs or better, SSRFs (Server Side Request Forgery).

if an XSS/SSRF in the PDF …

tryhackme walkthrough writeup

Visit resource

More from infosecwriteups.com / InfoSec Write-ups - Medium

Hack Stories: Hacking Hackers EP:3 23 hours ago | infosecwriteups.com
big bug bounty cybersecurity hack +9
Mastering Shodan Search Engine 2 days ago | infosecwriteups.com
bug bounty bug-bounty-tips cybersecurity information security +1
Email Verification Bypass via Remember Me 2 days ago | infosecwriteups.com
bug bounty cybersecurity hacking pentesting +1
Exploiting Symlinks: A Deep Dive into CVE-2024–28185 and CVE-2024–28189 of Judge0 Sandboxes 2 days ago | infosecwriteups.com
attacks code code execution continue +15
Typo Trouble: Exploring the Telegram Python RCE Vulnerability 2 days ago | infosecwriteups.com
address alerts application concept +25
Active DNS Recon using AXIOM 2 days ago | infosecwriteups.com
bug bounty bug-bounty-tips cybersecurity infosec +1
Information Disclosure: Story of 500€ + 400$ Bounty 2 days ago | infosecwriteups.com
bug bounty cybersecurity hacking information technology +1
Demystifying Password Cracking: Attacks and Defence Strategies 2 days ago | infosecwriteups.com
cybersecurity ethical hacking hacking infosec +1
Race Condition and Broken Access Control on Developer Dashboard 2 days ago | infosecwriteups.com
access access control broken access control can +24

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Level 1 SOC Analyst

@ Telefonica Tech | Dublin, Ireland
View on infosec-jobs.com

Specialist, Database Security

@ OP Financial Group | Helsinki, FI
View on infosec-jobs.com

Senior Manager, Cyber Offensive Security

@ Edwards Lifesciences | Poland-Remote
View on infosec-jobs.com

Information System Security Officer

@ Booz Allen Hamilton | USA, AL, Huntsville (4200 Rideout Rd SW)
View on infosec-jobs.com

Senior Security Analyst - Protective Security (Open to remote across ANZ)

@ Canva | Sydney, Australia
View on infosec-jobs.com
View more jobs