Watcher TryHackMe Write-Up
Tags
attack-pattern: Data Credentials - T1589.001 Cron - T1053.003 Python - T1059.006 Server - T1583.004 Server - T1584.004 Ssh - T1021.004 Sudo - T1169
Show in Graph
Common Information
Type Value
UUID 5bf26e19-6e42-4873-8811-7f6484b08812
Fingerprint 99b10b10348086eb
Analysis status DONE
Considered CTI value -2
Text language
Published July 29, 2023, 5:01 a.m.
Added to db July 29, 2023, 8:15 a.m.
Last updated Nov. 17, 2024, 11:40 p.m.
Headline Watcher TryHackMe Write-Up
Title Watcher TryHackMe Write-Up
Detected Hints/Tags/Attributes 43/1/35
Source URLs
Redirection Url
Details Source https://medium.com/@josephalan17201972/watcher-tryhackme-write-up-4c6e533dc80c?source=rss------cybersecurity-5
URL Provider
Details Provider Source level domain
Details medium.com medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 1 
do.shell
Details Domain 2 
cow.sh
Details Domain 54 
subprocess.call
Details Domain 2 
cmd.py
Details File 59 
post.php
Details File 1206 
index.php
Details File 75 
3-medium.txt
Details File 258 
robots.txt
Details File 1 
round.php
Details File 1 
bunch.php
Details File 2 
secret_file_do_not_read.txt
Details File 1 
flag_2.txt
Details File 71 
shell.php
Details File 1 
flag_3.txt
Details File 1 
flag_4.txt
Details File 28 
note.txt
Details File 1 
flag_5.txt
Details File 1 
flag_6.txt
Details File 2 
will_script.py
Details File 124 
os.sys
Details File 2 
cmd.py
Details File 3 
ssh.key
Details File 1 
flag_7.txt
Details md5 1 
e180ec1f269e32eb273f26acd237ba96
Details md5 1 
36ff7011058ed4507a29915875ac2e76
Details md5 1 
48d23e45da0cf0f6654ef9789737aa8a
Details IPv4 1 
10.10.231.59
Details IPv4 1 
10.10.0.46
Details IPv4 6 
10.13.30.5
Details Url 1 
http://10.10.231.59/post.php?post=
Details Url 1 
http://10.10.231.59/post.php?post=php://filter/convert.base64-encode/resource=index.php
Details Url 1 
http://10.10.0.46/fuzz
Details Url 1 
http://10.10.231.59/post.php?post=secret_file_do_not_read.txt
Details Url 1 
http://10.10.231.59/post.php?post=../../../../../../../../../../../../../../home/ftpuser/ftp/files/shell.php
Details Url 1 
http://10.10.231.59/ssh.key