TryHackMe: TakeOver CTF Walkthrough
🧰 Writeup Overview
This challenge revolves around subdomain enumeration.
DNS and Subdomain Discovery
Our website is located at https://futurevera.thm
Hint: Don’t forget to add the your-tun0 in /etc/hosts for futurevera.thm
Subdirectories discovery
ffuf -u https://futurevera.thm/FUZZ -w /usr/share/wordlists/dirb/common.txt -fc 403,402,404 -c
The -c flag colorizes the output.
You can use the wordlist files located inside /usr/share/wordlists/seclists/Discovery/DNS/
Subdomains discovery
# Make sure to put the IP, not the domain, in -u in this case, so as not to cause problems
ffuf -w /usr/share/wordlists/seclists/Discovery/Web-Content/common.txt \
-u https://10.10.77.46 \
-H "Host: FUZZ.futurevera.thm" \
-fs 4605 -c
When you discover a subdomain, add it to your hosts file, /etc/hosts, so you can access it on the web.
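From the server side, the Host-header fuzzing above leaves a recognizable trace: one client sends many distinct Host values and almost every response has the same default size (the 4605 bytes filtered out with -fs). The following is an added example, not part of the original walkthrough, that flags that pattern; the log layout, the thresholds, and all sample lines (client IPs, the placeholder hostname, the /about path, the 1200 and 3100 byte sizes) are constructed assumptions.

```python
import re
from collections import Counter, defaultdict

# Assumed access-log layout (not from the original post):
#   client_ip "host_header" "request_line" status bytes
LINE_RE = re.compile(
    r'^(?P<ip>\S+) "(?P<host>[^"]*)" "[^"]*" \d{3} (?P<size>\d+)$'
)

def find_vhost_fuzzers(lines, min_hosts=20, min_default_ratio=0.9):
    """Flag clients that request many distinct Host values and mostly
    receive one identical response size (the default vhost page)."""
    hosts = defaultdict(set)
    sizes = defaultdict(Counter)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed layout
        hosts[m["ip"]].add(m["host"].lower())
        sizes[m["ip"]][int(m["size"])] += 1
    flagged = {}
    for ip, seen in hosts.items():
        default_size, hits = sizes[ip].most_common(1)[0]
        ratio = hits / sum(sizes[ip].values())
        if len(seen) >= min_hosts and ratio >= min_default_ratio:
            flagged[ip] = {
                "distinct_hosts": len(seen),
                "default_size": default_size,
                "default_ratio": round(ratio, 2),
            }
    return flagged

def constructed_log():
    """Constructed sample: one fuzzing client and one ordinary visitor."""
    lines = [
        f'10.9.0.5 "word{i}.futurevera.thm" "GET / HTTP/1.1" 200 4605'
        for i in range(40)
    ]
    # One Host value that reaches a different vhost and returns another size.
    lines.append('10.9.0.5 "placeholder.futurevera.thm" "GET / HTTP/1.1" 200 1200')
    lines += [
        '10.9.0.8 "futurevera.thm" "GET / HTTP/1.1" 200 4605',
        '10.9.0.8 "futurevera.thm" "GET /about HTTP/1.1" 200 3100',
    ]
    return lines

if __name__ == "__main__":
    for ip, stats in find_vhost_fuzzers(constructed_log()).items():
        print(ip, stats)
```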
Discover results on the web
Here we go, goodbye
This post is licensed under CC BY 4.0 by the author.