Posts

[ Ignite ] - TRYHACKME (Detailed)

Let's dive in and root the machine!

Nmap Scan - tryhackme

nmap -sC -sV -oN nmap/ignite <TARGET_IP>

-sC : Default scripts
-sV : Version detection
-oN : Write normal-format output to a file in the 'nmap' directory you created earlier

There is only one open port:

80/tcp http Apache httpd 2.4.18 ((Ubuntu))

Gobuster

gobuster dir -u http://<TARGET_IP> -w <PATH_TO_WORDLIST> -o <OUTPUT_FILE_NAME> -x <EXTENSIONS>

-u : URL
-w : Wordlist
-o : Output file to write the results to
-x : Search for extensions, e.g. html,txt,php,phtml etc.

Navigate to http://<target_ip> and scroll down; we will find default credentials to log in to the CMS. Navigate to http://<TARGET_IP>/robots.txt. I checked them one by one they...

[ The Cod Caper ] - TRYHACKME

Check out the room: https://tryhackme.com/room/thecodcaper

Hello everyone, this is another TryHackMe walkthrough blog. This room contains some tricks for cracking the Linux machine's root password.

Room name : The Cod Caper
Machine Type : Linux

Task 2

We'll run nmap on the target:

# nmap -sV -A -p1-1000 -T4 -oN initial <target-machine-ip>

Task 3

As recommended in the TryHackMe Cod Caper room, we'll use gobuster for directory checking; the wordlist for gobuster can be downloaded from the task. Don't forget to use the -x flag for a specific extension search, like ".html, .txt, .php".

# gobuster dir -u <target_url> -w "path/of/wordlist" -x ".php"

The -x flag is important because we have to check for specific extensions like ".html, .php". After the gobuster directory brute-forcing we have an admin login page, but we don't have a username and password, so we have to find them to access the page.

Task 4

W...

[ Basics Penetration Testing ] - TRYHACKME

This article covers basic penetration testing.

1. Deploy the machine and connect to the TryHackMe network.
2. Find the services exposed by the machine. To find the services we can use nmap:

nmap -sC -sV -oN initial <machine_ip>

# Nmap 7.80 scan initiated Sun Sep 27 11:26:39 2020 as: nmap -sC -sV -oN initial 10.10.38.194
Nmap scan report for 10.10.38.196
Host is up (0.077s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE     VERSION
22/tcp  open  ssh         OpenSSH 7.2p2 Ubuntu 4ubuntu2.4 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
|   2048 db:45:cb:be:4a:8b:71:f8:e9:31:42:ae:ff:f8:45:e4 (RSA)
|   256 09:b9:b9:1c:e0:bf:0e:1c:6f:7f:fe:8e:5f:20:1b:ce (ECDSA)
|_  256 a5:68:2b:22:5f:98:4a:62:21:3d:a2:e2:c5:a9:f7:c2 (ED25519)
139/tcp open  netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
445/tcp open  netbios-ssn Samba smbd 4.3.11-Ubuntu (workgroup: WORKGROUP ...

[ Mr. Robot ] -TRYHACKME

Machine Name: Mr. Robot
Difficulty: Medium
Link: https://tryhackme.com/room/mrrobot

Hello guys. This machine is based on the famous web series Mr. Robot. It is a medium-difficulty machine and contains three flags, so let's try to capture all three flags one by one.

Initial recon

As usual, we scan the target with nmap to check which services are running on the IP address. Flags used in the nmap scan:

-sV for a service version scan
-sC for a scan with the default NSE scripts
-oA for output in the three major formats at once

nmap -sV -sC -oA mrrobot 10.10.108.7

Only a couple of ports are open; have a look at open port 80 in the browser. An interesting site is shown on port 80. Use gobuster to scan the whole website and its directories; type the following command in the terminal to start the search.

gobuster -t 100 dir -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -u http://10.10.108.7/

The gobuster directory scan shows many hosted directories, and after scanning rob...