| Lab/Room | TryHackMe - |
|---|---|
| Type | Challenge |
| Statut | Done |
| Date | 09/02/2026 |
Something seems a little off with the server.
Agent T uncovered this website, which looks innocent enough, but something seems off about how the server responds...
Exploiting a server vulnerability to gain root access, using burpsuite to check the header and retrieve server info and use it to find a known vulnerability.
This room is clearly oriented toward web exploitation, which immediately narrows the scope of the attack surface. Rather than performing broad network enumeration, the objective is to analyze the exposed web service and identify a vulnerability that leads to flag disclosure.
The investigation begins with a basic service and version scan to understand what is running on the target host:
nmap -sV target_ip
The scan reveals a PHP service that immediately stands out. The server appears to be running a PHP CLI server in a development (dev) version, which is unusual for a production-like environment. This kind of setup is often insecure and may expose functionality or vulnerabilities not meant to be publicly accessible, making it a strong candidate for further investigation.
Accessing the target IP directly through a browser shows a static theme page. The site looks unfinished:
A quick source code review does not reveal anything exploitable. There are no exposed credentials, comments, or client-side logic flaws. At this stage, the web application itself does not appear vulnerable through conventional means.