TryHack3M: Sch3Ma D3Mon | Write Up | Q&A
Room link : https://tryhackme.com/r/room/sch3mad3mon
Task 1 : A Public Computer with a VPN
Q : What is the suspect’s username?
A : lannister
Q : hrpTfL42wMv3
Task 2 : Connected Tables
Q : What does RDBMS stand for?
A : Relational Database Management System
Q : What does CRUD stand for?
A : Create Read Update Delete
Q : What does SQL stand for?
A : Structured Query Language
Task 3 : Unlisted
Q : What’s the hidden path?
A : os_sqli.php
Task 4 : From DB to OS
Q : What is the output of pwd when run via an SQL injection attack?
A : /var/lib/mysql
Task 5 : Finding a Needle in a Malwarestack
Q : What is the malware’s location?
A : /home/products/malware/4sale/pal4t1n3/MisterMeist3r/2DC6C0
Task 6 : Operation Defang
Q : What programming language was used to develop the malware?
A : nim
Q : Reading the source code, what file type is added to the end of encrypted files?
A : .boogey
Q : What is the flag that appears after compiling the defanged malware?
A : THM{3FDbU2nNy2FW7yMvMoH6WTMMM}