René und IT-Sec

Mein Weg zur IT Sicherheit

Kategorie: Offensive Pentesting

TryHackMe WriteUp – Skynet

17. November 2022 /

https://tryhackme.com/room/skynet

Task 1 Deploy and compromise the vulnerable machine!

Frage 1:
What is Miles password for his emails?

Wir starten mit einem einfachen nmap Scan:

└─$ nmap 10.10.68.67    
Starting Nmap 7.93 ( https://nmap.org ) at 2022-11-17 17:59 CET
Nmap scan report for 10.10.68.67
Host is up (0.068s latency).
Not shown: 994 closed tcp ports (conn-refused)
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
110/tcp open  pop3
139/tcp open  netbios-ssn
143/tcp open  imap
445/tcp open  microsoft-ds

Nmap done: 1 IP address (1 host up) scanned in 2.92 seconds

Wer hätte es gedacht, ein Emailservice ist vorhanden! Weiter geht es mit der Enumeration und SMBMap:

└─$ smbmap -H 10.10.68.67
[+] Guest session       IP: 10.10.68.67:445     Name: 10.10.68.67                                       
        Disk                                                    Permissions     Comment
        ----                                                    -----------     -------
        print$                                                  NO ACCESS       Printer Drivers
        anonymous                                               READ ONLY       Skynet Anonymous Share
        milesdyson                                              NO ACCESS       Miles Dyson Personal Share
        IPC$                                                    NO ACCESS       IPC Service (skynet server (Samba, Ubuntu))
Weiterlesen

TryHackMe WriteUp – Game Zone

15. November 2022 /

https://tryhackme.com/room/gamezone

Task 1 Deploy the vulnerable machine

Frage 1:
What is the name of the large cartoon avatar holding a sniper on the forum?

Der Protagonist aus der Spiele-Serie Hitman!

Antwort 1:
Agent 47

Task 2 Obtain access via SQLi

Frage 1:
When you’ve logged in, what page do you get redirected to?

Wir öffnen die IP der Machine in unserem Browser und geben ‚ or 1=1 — – in das „Log in“ Feld ein und klicken auf „Enter“:

Weiterlesen

TryHackMe WriteUp – Alfred

6. November 2022 /

https://tryhackme.com/room/alfred

Task 1 Initial Access

Frage 1:
How many ports are open? (TCP only)

Erster Schritt: nmap:

└─$ nmap 10.10.37.194                  
Starting Nmap 7.93 ( https://nmap.org ) at 2022-11-06 14:42 CET
Nmap scan report for 10.10.37.194
Host is up (0.048s latency).
Not shown: 997 filtered tcp ports (no-response)
PORT     STATE SERVICE
80/tcp   open  http
3389/tcp open  ms-wbt-server
8080/tcp open  http-proxy

Nmap done: 1 IP address (1 host up) scanned in 4.85 seconds

Antwort 1:
3

Weiterlesen

Impressum

© 2025 René und IT-Sec

Theme von Anders NorénHoch ↑