This repository contains walkthroughs for various rooms on TryHackMe, a platform for learning and practicing cybersecurity skills through hands-on virtual environments. Each directory corresponds to a specific room and includes a detailed walkthrough guide, along with any necessary files or resources. Purpose of creating this for self learning and helping others.
| Room Name | Difficulty | Type | Description | Room Type |
|---|---|---|---|---|
| 0x41haz | Easy | Linux | Simple Reversing Challenge | Reversing |
| Agent Sudo | Easy | Linux | You found a secret server located under the deep sea. Your task is to hack inside the server and reveal the truth | |
| Annie | Medium | Linux | Remote access comes in different flavors | AnyDesk 5.5.2 – Remote Code Execution CVE-2020-13160 |
| Basic-Pentesting | Easy | Linux | This is a machine that allows you to practise web app hacking and privilege escalation | Beginner Level CTF |
| Battery | Medium | Linux | CTF designed by CTF lover for CTF lovers | Re-Registration Attack XML External Entity Sudo Abuse |
| Biteme | Medium | Linux | Stay out of my server! | CTF |
| Blue | Easy | Windows | Windows Exploitation Basics - Easy | MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption |
| Bounty Hacker | Easy | Linux | You talked a big game about being the most elite hacker in the solar system. Prove it and claim your right to the status of Elite Bounty Hacker! | Beginner Level CTF |
| Break Out The Cage | Easy | Linux | Help Cage bring back his acting career and investigate the nefarious goings on of his agent! | CTF |
| Brooklyn-Nine-Nine | Easy | Linux | This room is aimed for beginner level hackers but anyone can try to hack this box. There are two main intended ways to root the box | Beginner Level CTF |
| C4ptur3-th3-fl4g | Easy | Linux | A beginner level CTF challenge | Decoding Messages Spectrograms Steganography Security through obscurity |
| CMesS | Medium | Linux | Can you root this Gila CMS box? | Gila CMS 1.10.9 |
| Capture! | Easy | Web | Can you bypass the login form? | Authentication vulnerability |
| Careers in Cyber | Info | None | Learn about the different careers in cyber security | Guide |
| Cheese CTF | Easy | Linux | Inspired by the great cheese talk of THM! | CTF LFI RCE SUID |
| Chocolate_Factory | Easy | Linux | A Charlie And The Chocolate Factory themed room, revisit Willy Wonka's chocolate factory! | Beginner Level CTF |
| Corridor | Easy | Web | Can you escape the Corridor? | IDOR |
| Dogcat | Medium | Linux | I made a website where you can look at pictures of dogs and/or cats! Exploit a PHP application via LFI and break out of a docker container. | CTF Web |
| Hydra | Easy | Linux | Learn about and use Hydra, a fast network logon cracker, to bruteforce and obtain a website's credentials | Tool Guide |
| Ice | Easy | Windows | Deploy & hack into a Windows machine, exploiting a very poorly secured media server | Buffer overflow in Icecast 2.0.1 allows remote attackers to execute arbitrary code via an HTTP request CVE-2004-1561 |
| Ignite | Easy | Linux | A new start-up has a few issues with their web server | vulnerable CMS service |
| Madness | Easy | Linux | Will you be consumed by Madness? | CTF Steganography setuid |
| Metamorphosis | Medium | Linux | Part of Incognito CTF | CTF rsync SQL |
| Mr Robot CTF | Medium | Linux | Based on the Mr. Robot show, can you root this box? | CTF |
| Pickle Rick | Easy | Linux | A Rick and Morty CTF. Help turn Rick back into a human! | CTF Web Cmd |
| Publisher | Easy | Linux | Test your enumeration skills on this boot-to-root machine | CTF CVE-2023-27372 |
| Startup | Easy | Linux | Abuse traditional vulnerabilities via untraditional means. | CTF |
| The Great Escape | Medium | Linux | Our devs have created an awesome new site. Can you break out of the sandbox? | API Docker |
| The London Bridge | Medium | Linux | The London Bridge is falling down | SSRF CVE-2018-18955 |
| The Marketplace | Medium | Linux | Can you take over The Marketplace's infrastructure? | XSS SQL Docker |
| The Server From Hell | Medium | Linux | Face a server that feels as if it was configured and deployed by Satan himself. Can you escalate to root? | CTF |
| Watcher | Medium | Linux | A boot2root Linux machine utilising web exploits along with some common privilege escalation techniques | LFI Cronjob |
| Web Application Security | Easy | Web | Learn about web applications and explore some of their common security issues. | Info |
| Wekor | Medium | Linux | CTF challenge involving Sqli , WordPress , vhost enumeration and recognizing internal services ;) | SQL WordPress Eeverse engineering |
| Welcome | Easy | Linux | Learn how to use a TryHackMe room to start your upskilling in cyber security. | Info |
| Wgel CTF | Easy | Linux | Can you exfiltrate the root flag? | CTF |
| Whiterose | Easy | Linux | Yet another Mr. Robot themed challenge. | EJS SSTI |
| Wonderland | Medium | Linux | Fall down the rabbit hole and enter wonderland | Python |
| Zeno | Medium | Linux | Do you have the same patience as the great stoic philosopher Zeno? Try it out! | Restaurant Management System 1.0 - Remote Code Execution |
Zeno/writeup.md
Feel free to explore the walkthroughs and learn more about the different challenges and techniques covered in each room.
In addition to the walkthroughs, this repository may also include other relevant files or resources associated with each room, such as exploit scripts, log files, or nmap scans. These files can be found within the respective directories.
Sometime im too lazy to make a complete walkthorugh so please ignore that..
Please note that the walkthroughs provided here are for educational purposes only and should not be used for any malicious activities. Always adhere to ethical hacking practices and respect the terms and conditions of the TryHackMe platform.
If you would like to contribute to this repository by adding your own walkthroughs or improving existing ones, please follow the standard GitHub workflow: Fork the repository, make your changes, and submit a pull request. Your contributions are greatly appreciated! Happy hacking!