TryHackMe ! RootMe - PHP Reverse Shell// walk-through

Disclaimer

This is educational purpose video only. I did not harm anyone I just do ctfs and make that walkthrough and explain what of the method here in use, so please don't use this because hacking is crime if you do this then it's can land you in jail.
I'm not support any kind of illegle or malicious hacking.

=================
RootMe

A ctf for beginners, can you root me?
-----------------------------------------

Task 1 Deploy the machine
Connect to TryHackMe network and deploy the machine. If you don't know how to do this, complete the OpenVPN room first.

1 Deploy the machine

Task 2 Reconnaissance
First, let's get information about the target.

1 Scan the machine, how many ports are open?
2 What version of Apache are running?
3 What service is running on port 22?
4 Find directories on the web server using the GoBuster tool.
5 What is the hidden directory?

Task 3 Getting a shell
Find a form to upload and get a reverse shell, and find the flag.
1 user.txt



Task 4 Privilege escalation
Now that we have a shell, let's escalate our privileges to root.
Search for files with SUID permission, which file is weird?
Find a form to escalate your privileges.
root.txt
-----------------------------

00:00-Deploy the machine and start
00:30-Nmap scan to check ports
01:56-searching hidden directory using gobuster tool
02:49-web enumration
03:36-check hidden directory
04:39-searching php-reverse-shell payload
06:42-upload payload on machine and try to get back shell
08:26-update the shell for proper use
10:12-searching user.txt
11:22-i had lost my access so let repate that same process
12:50-privilage esculation
14:02-try to get suid using python
15:57-got root access
16:28-root.txt

-------------------------------
#yesspider

please support me on patreon
  / yesspider  

--------------------------------------------------