TryHackMe | Neighbour

Hello everyone, in this write-up i will explain the solution of the machine named “Neighbor” in tryhackme.

Scanning

First we do nmap scan

Ports 80 (web) and 22 (ssh) are open.

Let’s check the website.

We came across the login page. It says something is wrong with the page source. Let’s see.

It says we can login with guest:redacted credentials.

We caught the login process with Burp. Let’s burn this.

It takes the agent parameter “?user=agent”. So the username we gave

Let’s see what happens if we change the user to admin

Yes, there seems to be an IDOR vulnerability caused by misconfiguration.