| Lab/Room | TryHackMe - Web app red teaming |
|---|---|
| Type | Challenge |
| Status | Done |
| Date | 28/01/2026 |

Sometimes in a pentest, you get root access very quickly. But is it the real root or just a container? The voyage might still be going on.

Chain multiple vulnerabilities to gain control of a system.

A full TCP port scan was performed against the target:

```
nmap -p- 10.66.123.204
```

The scan revealed multiple exposed services, most notably:
The presence of an HTTP service on port 80 warranted further inspection.
Inspecting the HTML source code of the web page hosted on port 80 revealed embedded Joomla configuration data, confirming the CMS in use.
Based on this finding, research led to CVE-2023-23752, a Joomla Authentication Bypass vulnerability allowing unauthenticated access to sensitive API endpoints by setting the `public=true` parameter.
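
On the defensive side, requests that carry this parameter are visible in the web server's access log. The following detector is an added example, not part of the original write-up: it assumes combined log format and a Joomla site at the web root with its API under `/api/`, and the log lines and the function name `find_public_param_requests` are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample lines (combined log format); not taken from the lab target.
SAMPLE_LOG = """\
203.0.113.7 - - [28/Jan/2026:10:01:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [28/Jan/2026:10:01:09 +0000] "GET /api/index.php/v1/config/application?public=true HTTP/1.1" 200 1984 "-" "curl/8.5.0"
203.0.113.7 - - [28/Jan/2026:10:01:15 +0000] "GET /api/index.php/v1/config/application?%70ublic=true HTTP/1.1" 200 1984 "-" "curl/8.5.0"
198.51.100.4 - - [28/Jan/2026:10:02:40 +0000] "GET /api/index.php/v1/config/application?public=true HTTP/1.1" 401 97 "-" "python-requests/2.31"
198.51.100.9 - - [28/Jan/2026:10:03:00 +0000] "GET /blog?public=true HTTP/1.1" 200 812 "-" "Mozilla/5.0"
198.51.100.9 - - [28/Jan/2026:10:03:05 +0000] "GET /api/index.php/v1/content/articles HTTP/1.1" 401 97 "-" "Mozilla/5.0"
"""

LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_public_param_requests(log_text, api_prefix="/api/"):
    """Return (ip, path, status, verdict) for API requests carrying a `public` parameter."""
    hits = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not a request line we can parse
        url = urlsplit(m["target"])
        path = unquote(url.path)
        if not path.lower().startswith(api_prefix):
            continue  # the parameter only matters on the API routes
        # parse_qsl percent-decodes names, so "%70ublic" is seen as "public".
        # Any value is flagged, a deliberately conservative choice.
        names = {k.lower() for k, _ in parse_qsl(url.query, keep_blank_values=True)}
        if "public" not in names:
            continue
        status = int(m["status"])
        # A 2xx answer means the server returned content and needs triage first.
        verdict = "served" if 200 <= status < 300 else "rejected"
        hits.append((m["ip"], path, status, verdict))
    return hits

if __name__ == "__main__":
    for hit in find_public_param_requests(SAMPLE_LOG):
        print(*hit)
```

Hits marked `served` are the ones to review first: the API answered an unauthenticated request, so any secrets in the Joomla configuration should be treated as disclosed and rotated.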