https://tryhackme.com/room/skynet
Task 1 Deploy and compromise the vulnerable machine!
Frage 1:
What is Miles password for his emails?
Wir starten mit einem einfachen nmap Scan:
└─$ nmap 10.10.68.67
Starting Nmap 7.93 ( https://nmap.org ) at 2022-11-17 17:59 CET
Nmap scan report for 10.10.68.67
Host is up (0.068s latency).
Not shown: 994 closed tcp ports (conn-refused)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
110/tcp open pop3
139/tcp open netbios-ssn
143/tcp open imap
445/tcp open microsoft-ds
Nmap done: 1 IP address (1 host up) scanned in 2.92 secondsWer hätte es gedacht, ein Emailservice ist vorhanden! Weiter geht es mit der Enumeration und SMBMap:
└─$ smbmap -H 10.10.68.67
[+] Guest session IP: 10.10.68.67:445 Name: 10.10.68.67
Disk Permissions Comment
---- ----------- -------
print$ NO ACCESS Printer Drivers
anonymous READ ONLY Skynet Anonymous Share
milesdyson NO ACCESS Miles Dyson Personal Share
IPC$ NO ACCESS IPC Service (skynet server (Samba, Ubuntu))