all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Try Hack Me: MD2PDF

Add to bookmarks
March 24, 2023, 2:02 p.m. | Ryan Yager

System Weakness - Medium systemweakness.com

Today we are going to look at a machine on Try Hack Me that is vulnerable to Cross Site Scripting (XSS) to be able to read a file on the local server.

TryHackMe | MD2PDF

We will start off as normal with a rustscan / nmap scan:

Port 5000 is strange, I ran an NMAP scan on it to see what it was and it turned out to be the same thing as port 80:

Looking at both 5000 and …

cross site scripting file hack hacking local machine nmap oscp penetration testing port run rustscan scan scripting server start tryhackme tryhackme-walkthrough vulnerable xs xss

Visit resource

More from systemweakness.com / System Weakness - Medium

NESA Cybersecurity Standards of UAE — An Overview 23 hours ago | systemweakness.com
authority called compliance critical +23
Analytics Write-Up 23 hours ago | systemweakness.com
ctf-writeup hackthebox htb-writeup infosec +1
SSL certificate chain and how it’s verification works in browser (when misconfigured in server) but 23 hours ago | systemweakness.com
ssl ssl-certificate-chain
Cybersecurity Insights: Adversarial Machine Learning Demystified 23 hours ago | systemweakness.com
adversarial ai applications artificial intelligence +14
Best Open Source Software for Cybersecurity 23 hours ago | systemweakness.com
analysis applications best of can +24
Boosting Website Security: Implementing SSL Termination on Your HAProxy Load Balancer. 3 days, 2 hours ago | systemweakness.com
encryption haproxy ssl certificate web development +1
THM: Gaining Access to the Library Server 3 days, 6 hours ago | systemweakness.com
thm-writeup
Setting Up a Local Kubernetes Cluster with Minikube and Deploying a Web Application 3 days, 23 hours ago | systemweakness.com
kubectl kubernetes minikube virtualbox +1
TestDisk in Linux and recover deleted files 3 days, 23 hours ago | systemweakness.com
data deleted-files-recovery linux recovery

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cybersecurity Architect III

@ JPMorgan Chase & Co. | Columbus, OH, United States
View on infosec-jobs.com

Senior DevSecOps Engineer

@ Marlabs | Chennai, IN
View on infosec-jobs.com

Consultant Cyber Sécurité H/F

@ Hifield | Lyon, France
View on infosec-jobs.com

Cyber Security Consultant (Remote, US)

@ Crosslake Technologies | Remote (US)
View on infosec-jobs.com

PE Hub- SAP GRC/ IAG Consultant

@ SAP | Bengaluru, IN, 560066
View on infosec-jobs.com
View more jobs