THM VULNVERSITY WALKTHROUGH
This blog post will be sort of a walkthrough for the TryHackMe room, Vulnversity. For learning the basics of active recon, web app attacks and privilege escalation. As always, I wont be revealing the actual flags, rather I will guide you to them. After starting the machine and connecting to the TryHackMe server(either by vpn or using their own web based OS), the IP of the vulnerable machine is revealed (after a few seconds of course). If you're using vpn connection you can also ping the given IP to ensure you're properly connected. The first part is recon using nmap. Pretty straight forward, enter the following command: nmap -sV <insert the machine's IP here>. The -sV tag to get the version of the identified ports. From the nmap scan result you will be able to identify how many ports are open and the version of squid proxy. By reading the intro of part 2, you should be able to also answer the next two questions. The most likely OS the vulnerable machine is running is ...