https://tryhackme.com/room/neighbour
Thoughts after doing the room
I usually don’t like to say this, but compared to the other rooms I did in the easy category this one was a little bit too easy and short. I think the excellent IDOR written description suffices.
Task 1: Neighbour
Instructions say you have to visit the site in a web browser, so I skip nmap for now.
It shows a form and the instructions to press CTRL + U to view the source code.
In the source is the guest user pass, so I’ll try that.
It then shows this page
First thing I try is to change the URL to the admin username.
Which … worked
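The same flaw seen from the server side, as an added example that is not the room's code: a profile lookup that trusts the username in the URL, next to one that compares it with the logged-in session and records the mismatch. The `user` parameter name, the URL and the profile data are assumptions made for the illustration.

```python
# Added illustration (not the room's code): profile lookup keyed by a
# username taken from the URL, with and without an ownership check.
from urllib.parse import urlparse, parse_qs

# Constructed sample data; names and fields are hypothetical.
PROFILES = {
    "guest": {"display": "Guest account", "note": "nothing sensitive"},
    "admin": {"display": "Administrator", "note": "PLACEHOLDER_SECRET"},
}


def requested_user(url):
    """Extract the hypothetical `user` query parameter from the URL."""
    values = parse_qs(urlparse(url).query).get("user", [])
    if len(values) != 1:
        raise ValueError("expected exactly one user parameter")
    return values[0]


def profile_vulnerable(session_user, url):
    """IDOR: trusts the URL and never consults the session identity."""
    return PROFILES[requested_user(url)]


def profile_checked(session_user, url, audit_log):
    """Serve a profile only to its owner; record every mismatch."""
    target = requested_user(url)
    if target != session_user:
        # A session asking for someone else's object is worth alerting on.
        audit_log.append(f"denied session={session_user} target={target}")
        raise PermissionError("profile does not belong to this session")
    return PROFILES[target]


if __name__ == "__main__":
    log = []
    url = "https://app.example/profile?user=admin"  # constructed URL
    print(profile_vulnerable("guest", url)["display"])  # admin data served
    try:
        profile_checked("guest", url, log)
    except PermissionError as exc:
        print("blocked:", exc, log)
```

The audit entry written on each denial doubles as a detection signal: repeated mismatches from one session point to someone stepping through usernames.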