Inclusion room write-up


A beginner-level LFI challenge on TryHackMe

LFI (Local File Inclusion)

Level : Easy

Room link : https://tryhackme.com/room/inclusion

Hello friends, let's do a little hacking // skip-this

TASK 1 :-

Deploy the machine, no answer required

TASK 2 :-

1. NMAP SCAN : nmap -sV -T4 <I.P>

2. Visiting <I.P> in the browser, an LFI-vulnerable blog shows up

3. Upon visiting one of the blog posts we can see the parameter “?name=” in the URL bar, and it seems vulnerable. Let’s exploit it!

4. After getting credentials from the step above, SSH into the machine and voilà, we are in 😎

For Privilege Escalation : https://gtfobins.github.io/gtfobins/socat/

Rooted

Grab the user & root flags from the above steps.
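Seen from the defender's side, the “?name=” parameter in step 3 is the root cause. The following is an added example, not part of the original write-up or the room's own code: a hypothetical file-reading handler in its vulnerable form beside a hardened one. The function names, directory layout and file names are assumptions, and the sample files are constructed.

```python
import os
import tempfile

def read_article_unsafe(articles_dir, name):
    # Vulnerable pattern: the request parameter is joined to a path unchecked,
    # so "../" segments or an absolute path escape articles_dir.
    with open(os.path.join(articles_dir, name)) as f:
        return f.read()

def read_article_safe(articles_dir, name):
    # Resolve symlinks and ".." first, then require the result to stay
    # inside the articles directory.
    base = os.path.realpath(articles_dir)
    target = os.path.realpath(os.path.join(base, name))
    if os.path.commonpath([base, target]) != base:
        raise PermissionError("path escapes articles directory")
    if not os.path.isfile(target):
        raise FileNotFoundError(name)
    with open(target) as f:
        return f.read()

def build_demo_tree():
    # Constructed sample layout: one public article and one file that
    # must never be served.
    root = tempfile.mkdtemp()
    articles = os.path.join(root, "articles")
    os.mkdir(articles)
    with open(os.path.join(articles, "hello"), "w") as f:
        f.write("public article")
    with open(os.path.join(root, "secret.txt"), "w") as f:
        f.write("not for readers")
    return root, articles

def check(articles, name):
    # Returns "served" or "blocked" for the hardened reader.
    try:
        read_article_safe(articles, name)
        return "served"
    except (PermissionError, FileNotFoundError):
        return "blocked"

if __name__ == "__main__":
    root, articles = build_demo_tree()
    for name in ["hello", "../secret.txt", os.path.join(root, "secret.txt")]:
        print(repr(name), "->", check(articles, name))
```

The containment check runs on the resolved path, so it also covers symlinks placed inside the articles directory, which a simple filter on the raw parameter string would miss.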

Enjoy, thanks for reading and have a good day 🍺
