TryHackme Labs Notes

-

1. Download File from labs to local machine

You’re trying to download credentials.png from the target (10.201.61.46) onto your Kali machine, but your curl failed because port 80 (HTTP) isn’t open on the victim.

From the victim side (king@ubuntu shell), I notice credentials.png is already present in the directory (ls shows it). So the goal is to exfiltrate it to your attacker machine (Kali).

Here are a few ways to do it:




Comments

Post a Comment

Popular posts from this blog

Windows Privilege Escalation THM Room

-
Image
Windows Privilege Escalation     INTRODUCTION During a penetration test, you will often have access to some Windows hosts with an unprivileged user. Unprivileged users will hold limited access, including their files and folders only, and have no means to perform administrative tasks on the host, preventing you from having complete control over your target. This room covers fundamental techniques that attackers can use to elevate privileges in a Windows environment, allowing you to use any initial unprivileged foothold on a host to escalate to an administrator account, where possible.  If you want to brush up on your skills first, you can have a look through the   Windows Fundamentals Module   or the   Hacking Windows Module .   Windows Privilege Escalation Windows Privilege Escalation Simply put, privilege escalation consists of using given access to a host with "user A" and leveraging it to gain access to "user B" by abusing a weakness in the ta...
Read more

Linux Privilege Escalation THM Room

-
Image
 Linux Privilege Escalation All Task Solution All Task Solution 2   Privilege escalation is a journey. There are no silver bullets, and much depends on the specific configuration of the target system. The kernel version, installed applications, supported programming languages, other users' passwords are a few key elements that will affect your road to the root shell. This room was designed to cover the main privilege escalation vectors and give you a better understanding of the process. This new skill will be an essential part of your arsenal whether you are participating in CTFs, taking certification exams, or working as a penetration tester.   What does "privilege escalation" mean? At it's core, Privilege Escalation usually involves going from a lower permission account to a higher permission one. More technically, it's the exploitation of a vulnerability, design flaw, or configuration oversight in an operating system or application to ga...
Read more

Eternal blue Using Termux

-
Image
  Introduction On 14 April 2017, a hacker group know by the name of Shadow Brokers leaked exploitation toolkit used by the National Security Agency (NSA). The leak was also used as part of a worldwide WannaCry ransomware attack. EternalBlue is also an exploit developed and used by the NSA according to former NSA employees. Lab Environment Target Machine: Windows 7 Ultimate x64 bit Attacker Machine: Android 5.1 What is EternalBlue EternalBlue actually exploits a vulnerabili t y found in Server Message Block (SMB) protocol of Microsoft Windows various platforms. This vulnerability can be found under CVE-2017–0144 in the CVE catalog.The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server. Windows 7 Operating with Release Effected by EternalBlue For Full List of Operating System Effected by Eternal Blue please : Click Here Installing Metasploit Framework on ...
Read more