Tomghost — Write-up
TryHackMe Challenge Link: https://tryhackme.com/room/tomghost Tomghost is an interesting CTF from Stuxnet; it has rather an unusual section after gaining RCE, which makes for a nice break from standard CTF challenges. In this room we’ll be exploiting a vulnerability in Ghostcat and exploring ASCII armour protected PGP encryption keys, followed by a nice easy privilege escalation up to root. Let’s begin! Enumeration: We begin, as always, with enumeration of the machine. Let’s start with an nmap scan: Great, so, we have…