TryHackMe’s Takeover Simple Walkthrough | Karthikeyan Nagaraj
Room Description:
Hello there,
I am the CEO and one of the co-founders of futurevera.thm. In Futurevera, we believe that the future is in space. We do a lot of space research and write blogs about it. We used to help students with space questions, but we are rebuilding our support. Recently blackhat hackers approached us saying they could take over and are asking us for a big ransom. Please help us to find what they can take over.
Hint: Don’t forget to add the 10.10.218.33 in /etc/hosts for futurevera.thm ; )
Our website is located at https://futurevera.thm
Note:
For this challenge, you don’t need to enumerate subdomains with tools, because we can infer the subdomains, as described in step 4.
This applies only to this challenge! Also, some domains won’t open in Chrome; in that case, use Firefox.
Connect to TryHackMe’s VPN and make sure to add the subdomains to /etc/hosts with the corresponding IP
4. Make sure to add each subdomain to /etc/hosts before opening it
4. As per the room description, we can assume that there will be 2 subdomains → blog and support
5. Let’s add the subdomain blog.futurevera.thm to /etc/hosts and explore https://blog.futurevera.thm further
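echo "<THM-IP> blog.futurevera.thm" | sudo tee -a /etc/hosts
(With "sudo echo ... >> /etc/hosts" the redirection is performed by your own unprivileged shell rather than by sudo, so the append fails with "Permission denied"; "sudo tee -a" performs the write as root.)
If you get an error, switch to a root shell and append the entry from there:
su
echo "<THM-IP> blog.futurevera.thm" >> /etc/hosts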
6. Inspecting the blog doesn’t reveal anything useful, so let’s move on to support
7. The room description says that they are rebuilding the support page, so there is a chance to obtain the flag there
8. By checking the certificate, we find a domain name
9. On opening that domain, we get the flag
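Step 8 works because a certificate's subjectAltName extension lists every hostname the certificate was issued for, including names that are not linked from any page. The following is an added example, not part of the original walkthrough: it parses the text printed by openssl x509 -noout -text and reports the names that are missing from an inventory of hostnames you intend to be public. The sample certificate text, the function names and placeholder-name.support.futurevera.thm are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: audit which hostnames a certificate discloses.

# Constructed sample of `openssl x509 -noout -text` output; the third
# name is a placeholder, not a hostname taken from the room.
sample_cert_text() {
  cat <<'EOF'
        X509v3 extensions:
            X509v3 Subject Alternative Name:
                DNS:blog.futurevera.thm, DNS:support.futurevera.thm, DNS:placeholder-name.support.futurevera.thm
EOF
}

# san_names: read certificate text on stdin and print every DNS name in
# the subjectAltName extension, lowercased, sorted, one per line.
san_names() {
  awk '/X509v3 Subject Alternative Name/ { if ((getline line) > 0) print line }' \
    | tr ',' '\n' \
    | sed -n 's/^[[:space:]]*DNS:\([^[:space:]]*\).*$/\1/p' \
    | tr '[:upper:]' '[:lower:]' \
    | sort -u
}

# unlisted_names HOST...: read certificate text on stdin and print the
# SAN names that are not among the HOST arguments (the inventory).
unlisted_names() {
  san_names | while IFS= read -r name; do
    listed=no
    for known in "$@"; do
      if [ "$name" = "$known" ]; then listed=yes; fi
    done
    if [ "$listed" = no ]; then printf '%s\n' "$name"; fi
  done
}

# Against a live host, feed the function real certificate text:
#   openssl s_client -connect support.futurevera.thm:443 \
#       -servername support.futurevera.thm </dev/null 2>/dev/null \
#     | openssl x509 -noout -text \
#     | unlisted_names blog.futurevera.thm support.futurevera.thm
sample_cert_text | unlisted_names blog.futurevera.thm support.futurevera.thm
```

Any name this prints is a hostname the certificate advertises but the inventory does not cover, which is the kind of forgotten record a takeover review should look at first.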
Flag: flag{beea0d6edfcee06a59b83fb50ae81b2f}
Feel free to ask queries via LinkedIn and to buy me a coffee : )
Thank you for Reading!!
Happy Takeover ~
Author: Karthikeyan Nagaraj ~ Cyberw1ng