Blue - TryHackMe Write-up
Info
- Name: Blue
- Description: Deploy & hack into a Windows machine, leveraging common misconfigurations issues.
- Difficulty: Easy
- Room link: https://tryhackme.com/room/blue
Write-up
Task 1
Q: How many ports are open with a port number under 1000?
A: 3
Q: What is this machine vulnerable to? (Answer in the form of: ms??-???, ex: ms08-067)
A: ms17-010
Task 2
Q: Find the exploitation code we will run against the machine. What is the full path of the code? (Ex: exploit/........)
A: exploit/windows/smb/ms17_010_eternalblue
Q: Show options and set the one required value. What is the name of this value? (All caps for submission)
A: RHOSTS
Task 3
Q: If you haven't already, background the previously gained shell (CTRL + Z). Research online how to convert a shell to meterpreter shell in metasploit. What is the name of the post module we will use? (Exact path, similar to the exploit we previously selected)
A: post/multi/manage/shell_to_meterpreter
Q: Select this (use MODULE_PATH). Show options, what option are we required to change?
A: SESSION
Task 4
Q: Within our elevated meterpreter shell, run the command 'hashdump'. This will dump all of the passwords on the machine as long as we have the correct privileges to do so. What is the name of the non-default user?
A: Jon
Q: Copy this password hash to a file and research how to crack it. What is the cracked password?
A: alqfna22
Task 5
Q: Flag1? This flag can be found at the system root.
A:
Q: Flag2? This flag can be found at the location where passwords are stored within Windows.
A:
Q: flag3? This flag can be found in an excellent location to loot. After all, Administrators usually have pretty interesting things saved.
A:
