TryHackMe writeup: Daily Bugle

The Daily Bugle is a fictional tabloid news paper in the Spiderman Universe (Wikipedia Oct. 15, 2022 revision). It is also the inspiration for the TryHackMe room created by the TryHackMe staff that challenges its users to “[c]ompromise a Joomla CMS account via SQLi, practise cracking hashes and escalate your privileges by taking advantage of yum” (“tryhackme” 2020). In this article, I discuss the methodology that I use to gain initial access to the system, steal credentials to gain further access and then employ privilege escalation methods to get root access.