TryHackMe - Tasks and Questions to Markdown Converter

If you are managing your training/ctf/... stuff in markdown files like I do, this short function will save you a couple of minutes. 😊

Paste this into your Google Chrome DevTools console and execute getInfo();. The tasks and questions of the current room will be in your clipboard now. Just paste it into your markdown file.

function getInfo() {
  let title = document.getElementById('title').innerText;
  let description = document.getElementById('description').innerText;
  let cards = document.getElementsByClassName('card mb');
  let count = document.getElementsByClassName('card-link').length;
  let list = [];
  list.push('# ' + title + '\n');
  list.push(description + '\n');
  for (i = 1; i <= count; i++) {
    list.push('## ' + cards[i].innerText.split('\n')[0] + '\n');
    for (j = 0; j < cards[i].getElementsByClassName('task-row-question').length; j++) {
      questionNr = cards[i].getElementsByClassName('task-badge')[j].innerText;
      questionText = cards[i].getElementsByClassName('task-row-question')[j].innerText;
      list.push('### ' + questionNr.trim() + ' - ' + questionText.trim() + '\n');
    }
  }
  copy(list.join('\n'));
}

As an example, executing this on Advent of Cyber will copy this to your clipboard:

# Advent of Cyber

Get started with Cyber Security in 25 Days - Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas.

## [Task 1] Introduction

### #1 - Read the above.

## [Task 2] Connect To Our Network

### #1 - Practise connecting to our network.

## [Task 3] Points don't matter

### #1 - Read the above

## [Task 4] Our Socials

### #1 - Join the Discord server and say hi!

### #2 - Follow us on Twitter.

## [Task 5] [Optional] Your own Kali Linux Machine

### #1 - Read the above

## [Task 6] [Day 1] Inventory Management

### #1 - What is the name of the cookie used for authentication?

### #2 - If you decode the cookie, what is the value of the fixed part of the cookie?

### #3 - After accessing his account, what did the user mcinventory request?

## [Task 7] [Day 2] Arctic Forum

### #1 - What is the path of the hidden page?

### #2 - What is the password you found?

### #3 - What do you have to take to the 'partay'

## [Task 8] [Day 3] Evil Elf

### #1 - Whats the destination IP on packet number 998?

### #2 - What item is on the Christmas list?

### #3 - Crack buddy's password!

## [Task 9] [Day 4] Training

### #1 - How many visible files are there in the home directory(excluding ./ and ../)?

### #2 - What is the content of file5?

### #3 - Which file contains the string ‘password’?

### #4 - What is the IP address in a file in the home folder?

### #5 - How many users can log into the machine?

### #6 - What is the sha1 hash of file8?

### #7 - What is mcsysadmin’s password hash?

## [Task 10] [Day 5] Ho-Ho-Hosint

### #1 - What is Lola's date of birth? Format: Month Date, Year(e.g November 12, 2019)

### #2 - What is Lola's current occupation?

### #3 - What phone does Lola make?

### #4 - What date did Lola first start her photography? Format: dd/mm/yyyy

### #5 - What famous woman does Lola have on her web page?

## [Task 11] [Day 6] Data Elf-iltration

### #1 - What data was exfiltrated via DNS?

### #2 - What did Little Timmy want to be for Christmas?

### #3 - What was hidden within the file?

## [Task 12] [Day 7] Skilling Up

### #1 - how many TCP ports under 1000 are open?

### #2 - What is the name of the OS of the host?

### #3 - What version of SSH is running?

### #4 - What is the name of the file that is accessible on the server you found running?

## [Task 13] [Day 8] SUID Shenanigans

### #1 - What port is SSH running on?

### #2 - Find and run a file as igor. Read the file /home/igor/flag1.txt

### #3 - Find another binary file that has the SUID bit set. Using this file, can you become the root user and read the /root/flag2.txt file?

### #4 - If you've finished the challenge and want more practise, checkout the Privilege Escalation Playground room created by SherlockSec: https://tryhackme.com/room/privescplayground

## [Task 14] [Day 9] Requests

### #1 - What is the value of the flag?

## [Task 15] [Day 10] Metasploit-a-ho-ho-ho

### #1 - Compromise the web server using Metasploit. What is flag1?

### #2 - Now you've compromised the web server, get onto the main system. What is Santa's SSH password?

### #3 - Who is on line 148 of the naughty list?

### #4 - Who is on line 52 of the nice list?

## [Task 16] [Day 11] Elf Applications

### #1 - What is the password inside the creds.txt file?

### #2 - What is the name of the file running on port 21?

### #3 - What is the password after enumerating the database?

## [Task 17] [Day 12] Elfcryption

### #1 - What is the md5 hashsum of the encrypted note1 file?

### #2 - Where was elf Bob told to meet Alice?

### #3 - Decrypt note2 and obtain the flag!

## [Task 18] [Day 13] Accumulate

### #1 - A web server is running on the target. What is the hidden directory which the website lives on?

### #2 - Gain initial access and read the contents of user.txt

### #3 - [Optional] Elevate privileges and read the content of root.txt

## [Task 19] [Day 14] Unknown Storage

### #1 - What is the name of the file you found?

### #2 - What is in the file?

## [Task 20] [Day 15] LFI

### #1 - What is Charlie going to book a holiday to?

### #2 - Read /etc/shadow and crack Charlies password.

### #3 - What is flag1.txt?

## [Task 21] [Day 16] File Confusion

### #1 - How many files did you extract(excluding all the .zip files)

### #2 - How many files contain Version: 1.1 in their metadata?

### #3 - Which file contains the password?

## [Task 22] [Day 17] Hydra-ha-ha-haa

### #1 - Use Hydra to bruteforce molly's web password. What is flag 1? (The flag is mistyped, its THM, not TMH)

### #2 - Use Hydra to bruteforce molly's SSH password. What is flag 2?

## [Task 23] [Day 18] ELF JS

### #1 - What is the admin's authid cookie value?

## [Task 24] [Day 19] Commands

### #1 - What are the contents of the user.txt file?

## [Task 25] [Day 20] Cronjob Privilege Escalation

### #1 - What port is SSH running on?

### #2 - Crack sam's password and read flag1.txt

### #3 - Escalate your privileges by taking advantage of a cronjob running every minute. What is flag2?

## [Task 26] [Day 21] Reverse Elf-ineering

### #1 - What is the value of local_ch when its corresponding movl instruction is called(first if multiple)?

### #2 - What is the value of eax when the imull instruction is called?

### #3 - What is the value of local_4h before eax is set to 0?

## [Task 27] [Day 22] If Santa, Then Christmas

### #1 - what is the value of local_8h before the end of the main function?

### #2 - what is the value of local_4h before the end of the main function?

## [Task 28] [Day 23] LapLANd (SQL Injection)

### #1 - Which field is SQL injectable? Use the input name used in the HTML code.

### #2 - What is Santa Claus' email address?

### #3 - What is Santa Claus' plaintext password?

### #4 - Santa has a secret! Which station is he meeting Mrs Mistletoe in?

### #5 - Once you're logged in to LapLANd, there's a way you can gain a shell on the machine! Find a way to do so and read the file in /home/user/

## [Task 29] [Day 24] Elf Stalk

### #1 - Find the password in the database

### #2 - Read the contents of the /root.txt file

## [Task 30] [Day 25] Challenge-less

### #1 - Complete another room on TryHackMe.
Show Comments