If you’re eager to sharpen your offensive and defensive security skills, the “Brains” TryHackMe room offers the perfect challenge. This room focuses on an authentication bypass vulnerability in TeamCity (CVE-2024–27198). We begin by acting as an attacker, exploiting this vulnerability for Remote Code Execution (RCE), capturing a flag, and then switching roles to become the defender. Using Splunk, we analyze logs to trace the attack.
Want to see it in action? Watch the full walkthrough on our YouTube channel!
Why This Room Matters
The Brains room teaches invaluable skills for anyone pursuing a career in penetration testing or incident response. On the attacker side, you’ll exploit TeamCity for RCE — a real-world vulnerability that could expose organizations to significant risks. As a defender, you get hands-on experience using Splunk to uncover malicious activity, which mirrors how modern-day security analysts operate.
In this room, we cover:
- Fuzzing TeamCity for an entry point
