Wonderland — TryHackMe

Exploiting Search Order Hijacking and Hijacking Imported Python Modules

Initial Reconnaissance

Nmap

HTTP Server Enumeration

Directory Discovery with Gobuster

On The Machine

Getting a Shell

Compromising User Rabbit

Compromising User Hatter

Compromising Root

Summary

Pythonista & Gopher | <OSCP> <CySA+> <Security+> | Part-time Cybersecurity Instructional Associate @ Fullstack Academy

Get the Medium app