> ## Documentation Index
> Fetch the complete documentation index at: https://rootea.es/llms.txt
> Use this file to discover all available pages before exploring further.

# Wekor

> CTF challenge involving Sqli , WordPress , vhost enumeration and recognizing internal services ;)

# Wekor

<p className="machine-summary"><span className="prompt"><code>\$ tldr</code></span> TryHackMe · Challenge · Medium</p>

<div className="machine-meta">
  | ·             | ·                                                  |
  | ------------- | -------------------------------------------------- |
  | Platform      | TryHackMe                                          |
  | Type          | Challenge                                          |
  | Difficulty    | <span className="dbadge dbadge-easy">MEDIUM</span> |
  | Access        | 🟢 Free                                            |
  | Average time  | 75 min                                             |
  | Users         | 8.231                                              |
  | Official room | [Open](https://tryhackme.com/room/wekorra)         |
</div>

## Description

CTF challenge involving Sqli , WordPress , vhost enumeration and recognizing internal services ;)

## Solve the room

| Language | Author        | Format      | Link                                       |
| -------- | ------------- | ----------- | ------------------------------------------ |
| 🇬🇧 EN  | **TryHackMe** | Lab oficial | [Open](https://tryhackme.com/room/wekorra) |

## Resources by skill

| Skill                  | Source      | Link                                                                                                              |
| ---------------------- | ----------- | ----------------------------------------------------------------------------------------------------------------- |
| Subdomain Enumeration  | HackTricks  | [Open](https://book.hacktricks.wiki/en/generic-methodologies-and-resources/external-recon-methodology/index.html) |
| WordPress Exploitation | HackTricks  | [Open](https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-web/wordpress.html)                 |
| Sudo abuse             | GTFOBins    | [Open](https://gtfobins.github.io/#+sudo)                                                                         |
| Sudo abuse             | HackTricks  | [Open](https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html)                           |
| SQL Injection          | HackTricks  | [Open](https://book.hacktricks.wiki/en/pentesting-web/sql-injection/index.html)                                   |
| SQL Injection          | PortSwigger | [Open](https://portswigger.net/web-security/sql-injection)                                                        |

## Related skills

[Subdomain Enumeration](/en/skills/subdomain-enum) · [WordPress Exploitation](/en/skills/wordpress-exploit) · [Sudo abuse](/en/skills/sudo-abuse) · [SQL Injection](/en/skills/sqli)

***

## Comments & tips

Solved this room a different way? Share it here — comments live in [GitHub Discussions](https://github.com/FFuson/HTB_Writeups/discussions).

<div className="rootea-giscus-wrap" data-giscus-term="thm:tryhackme-wekorra" data-giscus-lang="en" />

*Last updated: 2026-05-09*

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"TechArticle","name":"Wekor","headline":"Wekor — TryHackMe room index","url":"https://rootea.es/en/tryhackme/rooms/wekorra","inLanguage":"en","about":[{"@type":"Thing","name":"TryHackMe"},{"@type":"Thing","name":"Challenge"}],"isPartOf":{"@type":"WebSite","name":"rootea.es","url":"https://rootea.es"},"author":{"@type":"Organization","name":"rootea.es"}}`}
</script>
