Exploit Vulnerabilities

easy20 mintryhackme

Learn how to find and use exploits in practice. Covers automated vs manual vulnerability scanning, exploit research using public resources (Github, Exploit-DB, Searchsploit), different exploit types, and hands-on exploitation of Online Book Store v1.0 using a known RCE vulnerability. The practical exercise has you identify the application version, find the right exploit, and execute it to retrieve a flag from the web directory.

Skills You Will Learn

exploit-researchsearchsploitrcemanual-exploitation

Prerequisites

thm-vulnerabilities101
version-disclosure
exploit-db

Walkthrough Phases

Automated vs Manual Scanning

Understand when to use automated scanners vs manual techniques

Finding Exploits

Know where to find exploit code and PoC for discovered vulnerabilities

Types of Exploits

Understand Remote Code Execution and other common exploit types

Exploiting Online Book Store v1.0

Identify, research, and exploit the Online Book Store vulnerability for RCE

10 questions to answer

alienrecon start thm-exploitingavulnerabilityv2

Don't have AlienRecon? Get started here