Saihat's Network Security Blog

Introduction Today we're going to be doing a walkthrough for the Attacktive Directory room hosted at https://tryhackme.com/room/ attacktivedirectory . For this walkthrough, we'll be using two virtual machines (VMs), a Kali Linux VM as our attacking machine, and the deployed Windows client as the the victim machine. After the Windows client IP is assigned, we alias the machine as attacktive.thm . Task 1 - Intro - Deploy The Machine Questions: To access the Virtual Machine, you will need to first connect to our network using OpenVPN. Here is a mini walkthrough of getting connected. No answer needed Return to your access page. You can verify you are connected by looking on your access page. Refresh the page. You should see a green tick next to Connected. It will also show you your internal IP address. No answer needed Alternatively, you can deploy the In-Browser Kali or Attack Box and automatically be connected to the TryHackMe Network. No answer needed Once connected to the ...

Introduction Today we're going to be doing a walkthrough for the VulnNet: Roasted room hosted at https://tryhackme.com/room/ vulnnetroasted . For this walkthrough, we'll be using two virtual machines (VMs), a Kali Linux VM as our attacking machine, and the deployed Windows client as the the victim machine. After we're given the IP address of the server, we assign the IP address to the alias vulnnet-roasted.thm . The first thing we'll do is fire off an Nmap scan. nmap -Pn -p-10000 -T4 vulnnet-roasted.thm nmap -Pn -T4 -sV -sC -p53,88,135,139,389,445,464,593,636,3268,3269,9389 vulnnet-roasted.thm This server appears to be domain joined, and being the only (we assume) domain joined server on the network, we can assume that it is also the Domain Controller. Let's test whether or not we can brute-force the usernames from the server using Crackmapexec: crackmapexec smb vulnnet-roasted.thm -u guest -p ‘’ --rid-brute Because the guest account was not ...