Side Quest 4 Automated Exploit - SQLi to SSRF to Root RCE by Team Snowmen

by sumanrox
Download
.cast - original recording .txt - plain text version .gif - animated GIF
GNU/Linux β€’ xterm-256color β€’ zsh 866 views

Team Snowmen - Automated Exploit for TryHackMe Advent of Cyber

πŸŽ„πŸ”’ Surfing Yeti is Coming to Town πŸ”’πŸŽ„

Description

Team Snowmen proudly presents an automated exploit for the TryHackMe Advent of Cyber Side Quest Event Part 4 - β€œSurfing Yeti is Coming to Town.” πŸŽ…πŸ½πŸ•΅οΈβ€β™‚οΈ

Features:
  • πŸš€ Automated exploit to streamline your hacking experience!
  • ❄️ Christmas-themed payload for festive engagements!
  • 🀝 Developed collaboratively by Team Snowmen.
Room Link

πŸ”— Surfing Yeti is Coming to Town

Usage
  1. Clone the repository: git clone https://github.com/sumanrox/sidequest-exploits.git
  2. Navigate to the exploit directory: cd sidequest-exploits/sidequest_4
  3. Run the automated exploit: ./sq4Exploit.py -p 8000 -lh ATTACKER_IP -lp ATTACKER_PORT -a TARGET_IP.
  4. Enjoy the Christmas magic of automated hacking! πŸŽ…πŸ½πŸŽ
Credits
Developed with love and snowflakes by Team Snowmen. ⛄️❀️

More recordings by sumanrox

Browse all

Side Quest 3 Automated Exploit - Vim to RCE by Team Snowmen 0:33

by sumanrox

ISITUP - Rapid probing domains 0:57

by sumanrox

Get the Side Quest 2 Flags from exploiting a webcam running ARM Processor, via Remote Code Execution 1:03

by sumanrox

Reconfavicon - Automated Hash generator for favicons 0:52

by sumanrox
Share this recording
https://asciinema.org/a/629374
Copied!

Append ?t=30 to start the playback at 30s, ?t=3:20 to start the playback at 3m 20s.

See sharing docs for more link customization options.

Embed as image link

Use snippets below to display a preview image linking to this recording.
Ideal for places where scripts are not allowed, such as project README files.

HTML: 

<a href="https://asciinema.org/a/629374" target="_blank"><img src="https://asciinema.org/a/629374.svg" /></a>
Copied!

Markdown: 

[![asciicast](https://asciinema.org/a/629374.svg)](https://asciinema.org/a/629374)
Copied!

Embed the player

If you're embedding on your own page or on a site which permits script tags, you can use the full player widget:

<script src="https://asciinema.org/a/629374.js" id="asciicast-629374" async="true"></script>
Copied!

Paste the above script tag where you want the player to be displayed on your page.

See embedding docs for more player customization options.

Download this recording

You can download this recording in asciicast v2 format, as a .cast file.

Download

Replay in terminal

You can replay the downloaded recording in your terminal using the asciinema play command: 

asciinema play 629374.cast
Copied!

If you don't have asciinema CLI installed then see installation instructions.

Use with stand-alone player on your website

Download asciinema player from the releases page (you only need .js and .css file), then use it like this: 

<!DOCTYPE html>
<html>
<head>
  <link rel="stylesheet" type="text/css" href="/assets/asciinema-player.css" />
</head>
<body>
  <div id="player"></div>
  <script src="/assets/asciinema-player.min.js"></script>
  <script>
    AsciinemaPlayer.create(
      '/assets/629374.cast',
      document.getElementById('player'),
      { cols: 169, rows: 26 }
    );
  </script>
</body>
</html>

See asciinema player quick-start guide for full usage instructions.

Generate GIF from this recording

While this site doesn't provide GIF conversion at the moment, you can still do it yourself with the help of asciinema GIF generator utility - agg.

Once you have it installed, generate a GIF with the following command:

agg https://asciinema.org/a/629374 demo.gif
Copied!

Or, if you already downloaded the recording file:

agg demo.cast demo.gif
Copied!

Check agg --help for all available options. You can change font family and size, select color theme, adjust speed and more.

See agg manual for full usage instructions.