Category: TryHackMe

The first thing we will need to do after deploying our target is to scan it.  I am going to use Nmap to scan the target. nmap -p- -sV -T4 –reason 10.10.82.235 -p- is to scan all ports-sV is to scan for the services on the open ports-T4 is how fast you want to scan.  READ MORE

So for this one we will need to perform some enumeration on the machine to discover what port the web server is on.  Hopefully we can gain some information about the web server version through headers, error messages, or through Nmap. Let’s start off my running Nmap against the target.  I will scan all the READ MORE

Looks like we need to help Elf McEager escalate their privileges.  They have gained access to a machine, but need to escalate to the root user.  There are 2 different options when escalating privileges, horizontal and vertical.  Horizontal let’s you move to another user’s account.  This may allow you to access different documents that your READ MORE

Reading the story it seems like Elf McSkidy set up a Samba file server.  I wonder if we can possible abuse that port.  Let’s run our Nmap scans and see what ports are open. It looks like port 139 and port 445 are open.  Let’s try to connect to them, maybe we can use a READ MORE

Our goal is to recreate a hack an attacker did to the server The Best Festival Company (TBFC).  Let’s start off by running Nmap against the IP. Alright we have an FTP server, with anonymous login allowed.  We can login without having to use any accounts!  We also have SSH open.  Let’s login to the READ MORE

Looks like we will be using Nmap for this task.  The first question is when was snort created.  I was shocked at how old this program is.  A quick Google search will provide the answer. Now we need to know what port numbers are running services, so run a nmap scan like so: nmap -p- READ MORE

For this task we are given a pcap file and will need to analyze it in Wireshark.  Wireshark is a very powerful tool, capable of reading network captures, as well as capturing network traffic.  This is great to learning about machines on the network and possibly capturing some juicy data.  Defenders use this a lot READ MORE

Let’s start off by scanning our machine with Nmap. nmap -p- -sV -T 10.10.134.149 All ports (-p-) and services on those ports (-sV) with the 2nd highest scan time (T4) Looks like we have port 22 (ssh) and port 5000 open, which is a web server. Let’s visit the website athttp://10.10.134.149:5000 Looks like we can READ MORE

It looks like we are given a replica site of what the attacker had attacked dumping the gift list.  We will need to see what is on port 8000 and try to dump the database. First we need to locate the website, so let’s run an Nmap scan against our target. nmap -p- -T4 10.10.1.129 READ MORE

Today we will be looking at how to enumerate an HTTP server.  The goal is to find hidden directories and map out the site.  Sometimes there are juicy URLs that you visit to find sensitive information.  First let’s run a quick Nmap scan against our target.  I will use the -T4 option to scan faster READ MORE