Content Discovery-Writeup | TryHackMe [Task: 1–6]

Madushan perera
Jan 18, 2023

Learn the various ways of discovering hidden or private content on a web server that could lead to new vulnerabilities.

Link: https://tryhackme.com/room/contentdiscovery

Task 1: What Is Content Discovery?

What is the content discovery method that begins with M?

Answer: Manually

What is the content discovery method that begins with A?

Answer: Automated

What is the content discovery method that begins with O?

Answer: OSINT

Task 2: Manual Discovery — Robots.txt

What is the directory in the robots.txt that isn’t allowed to be viewed by web crawlers?

Answer: /staff-portal

Task 3: Manual Discovery — Favicon

What framework did the favicon belong to?

Answer: cgiirc

Command to get the hash value of the favicon:

curl https://static-labs.tryhackme.cloud/sites/favicon/images/favicon.ico | md5sum

Once you have the correct hash, look it up on the website mentioned in the task to find the framework that hash value belongs to.

Task 4: Manual Discovery — Sitemap.xml

What is the path of the secret area that can be found in the sitemap.xml file?

Answer: /s3cr3t-area

Task 5: Manual Discovery — HTTP Headers

What is the flag value from the X-FLAG header?

Answer: THM{HEADER_FLAG}
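The manual checks from Tasks 2 to 5, turned around as an added example for auditing a site you operate (this is not code from the room or from this writeup). The sample responses, the `LINKED` set, the `DEFAULT_FAVICONS` map and all function names are assumptions constructed for illustration.

```python
import hashlib
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample responses for a site you operate (not taken from the room).
ROBOTS = "User-agent: *\nAllow: /\nDisallow: /internal-admin  # staff only\nDisallow:\n"
SITEMAP = """<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
  <url><loc>https://example.test/</loc></url><url><loc>https://example.test/news</loc></url>
  <url><loc>https://example.test/old-backup-area</loc></url>
</urlset>"""
HEADERS = {"Server": "nginx/1.18.0", "X-Powered-By": "PHP/7.4.3", "Content-Type": "text/html"}
FAVICON = b"constructed-default-favicon-bytes"
# Hypothetical map of MD5s of framework default favicons, maintained by the defender.
DEFAULT_FAVICONS = {hashlib.md5(FAVICON).hexdigest(): "ExampleFramework"}
LINKED = {"/", "/news"}  # paths reachable from the site's own navigation


def robots_disallowed(text):
    """Paths named in Disallow rules; comments and empty rules are skipped."""
    paths = []
    for line in text.splitlines():
        field, _, value = line.split("#", 1)[0].partition(":")
        if field.strip().lower() == "disallow" and value.strip():
            paths.append(value.strip())
    return paths


def sitemap_paths(xml_text):
    """Path of every <loc> entry, with or without the sitemap namespace."""
    root = ET.fromstring(xml_text)
    return [urlparse(el.text.strip()).path or "/"
            for el in root.iter() if el.tag.endswith("}loc") or el.tag == "loc"]


def audit(robots, sitemap, headers, favicon):
    """List what the four manual checks would reveal about the site."""
    findings = [("robots.txt names path", p) for p in robots_disallowed(robots)]
    findings += [("sitemap lists unlinked path", p)
                 for p in sitemap_paths(sitemap) if p not in LINKED]
    findings += [("header discloses software", f"{k}: {v}") for k, v in headers.items()
                 if k.lower() in ("server", "x-powered-by")]
    framework = DEFAULT_FAVICONS.get(hashlib.md5(favicon).hexdigest())
    if framework:
        findings.append(("default favicon identifies framework", framework))
    return findings


if __name__ == "__main__":
    for kind, detail in audit(ROBOTS, SITEMAP, HEADERS, FAVICON):
        print(f"{kind}: {detail}")
```

Each finding is something to remove, replace, or put behind authentication. A path listed in robots.txt or sitemap.xml is still publicly readable.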

Task 6: Manual Discovery — Framework Stack

What is the flag from the framework’s administration portal?

Answer: THM{CHANGE_DEFAULT_CREDENTIALS}

To be Continued…
