Write-up - TryHackMe Room DogCat

Room: DogCat Room create by: Jammy Vulnerabily tipe: Local File Inclusion (LFI) OWASP WSTG: Testing for Local File Inclusion Tags: #LFI #write-up #TryHackMe #log_poisoning #command_injection #docker_scape Author: Rafael Toguko Write-up date: 2022-01-18 Objectives Capture four flags from the box with LFI vulnerability doing escalation privileges, and docker escape to the root machine. TL;DR on the end of the page! Write-up machine “dogcat” on TryHackMe Starting Recon I always start doing at least a simple nmap, even on machines like this one that I know is a web LFI vulnerability....

January 18, 2022 · 12 min · Rafael Toguko