📓
Pentesting
  • Writeups
  • HackTheBox
    • Easy Machines
      • Beep Writeup
      • Shocker Writeup
      • Lame Writeup
      • Jerry Writeup
      • Legacy Writeup
      • Blue Writeup
  • TryHackMe
    • Walkthroughs: Easy
      • CC: Steganography
      • Cryptography for Dummies
      • Cross-site Scripting
      • SQL Injection Lab
      • SQL Injection
      • ZTH: Web 2
      • SSRF
      • XXE
      • Authenticate
      • Injection
      • Blaster
      • The Cod Caper
      • Hardening Basics Part 1
      • What the Shell?
      • Game Zone
      • Upload Vulnerabilities
      • Bolt
      • Erit Securus 1
      • CC: Pentesting
      • JavaScript Basics
      • OverPass 2 - Hacked
      • Linux: Local Enumeration
      • Ice
      • Linux Backdoors
      • Avengers Blog
      • DNS in Detail
      • Putting it all together
      • Kenobi
      • Common Linux Privesc
      • Network Services 2
      • Network Services
      • The Hacker Methodology
      • The Find command
      • HTTP in Detail
      • Web Fundamentals
      • How Websites Work
      • Introductory Networking
    • Challenges (CTF): Easy
      • VulNet: Roasted
      • VulNet: Internal
      • Git Happens
      • Kiba
      • VulNet: Node
      • Memory Forensics
      • Smag Grotto
      • Investigating Windows
      • Cat Pictures
      • Juicy Details
      • Anthem
      • Tony The Tiger
      • Jack-of-All-Trades
      • JPGChat
      • Blueprint
      • All in One
      • Gotta Catch'em All
      • Mustacchio
      • Break Out The Cage
      • HeartBleed
      • Poster
      • Madness
      • Source
      • Thompson
      • Library
      • Magician
      • Anonforce
      • Dav
      • GLITCH
      • Fowsniff CTF
      • Team
      • H4cked
      • Easy Peasy
      • ColddBox: Easy
      • Archangel
      • Cyborg
      • Chocolate Factory
      • Brute It
      • Year of the Rabbit
      • ChillHack
      • Gaming Server
      • Brooklyn Nine Nine
      • Wgel CTF
      • Tomghost
      • ToolsRus
      • Skynet
      • Startup
      • Agent Sudo
      • Lian-Yu
      • OhSINT
      • Overpass
      • Crack The Hash
      • Ignite
      • Inclusion
      • Bounty Hunter
      • LazyAdmin
      • RootMe
      • Pickle Rick
      • Basic Pentesting
      • Simple CTF
  • Crackmes.one
    • 1 Difficulty Rating
      • easyAF
      • Easy Keyg3nme
Powered by GitBook
On this page
  • Nmap
  • Netcat
  • Gobuster
  • Nikto
  • Metasploit
  • Setting Up
  • Selecting a module
  • Meterpreter
  • Final Walkthrough
  • Hashing
  • Salting and Formatting
  • Hashcat
  • John The Ripper
  • SQL Injection
  • Sqlmap
  • Samba
  • Smbmap
  • Smbclient
  • Final Exam
  • Scanning
  • Enumeration
  • Exploitation
  • Privilege Escalation

Was this helpful?

  1. TryHackMe
  2. Walkthroughs: Easy

CC: Pentesting

PreviousErit Securus 1NextJavaScript Basics

Last updated 3 years ago

Was this helpful?

Nmap

Lets run nmap scans to find the answers to the questions

Netcat

Gobuster

Lets run gobuster to find the answers to the questions

Nikto

Metasploit

Setting Up

Selecting a module

Meterpreter

Final Walkthrough

Lets select the module and set the options

Lets run the exploit

Hashing

Salting and Formatting

Hashcat

Lets crack the first hash

Lets crack the second hash

John The Ripper

Lets crack the first hash

Lets crack the second hash

SQL Injection

Sqlmap

Samba

Smbmap

Smbclient

Final Exam

Scanning

Lets run some nmap scans to find open ports and services

Enumeration

Lets visit the website

Its a default Apache page, lets run a gobuster scan to find open directories

Lets visit this directory

There is nothing

Lets look for files within this directory.

We find a file called secret.txt . Lets see it.

We have a username and a hash, lets crack it using john the ripper.

Exploitation

Lets login through ssh and read the user flag

Privilege Escalation

Lets run sudo -l to see what we can run as other users.

Ok so we can run "su" as root, lets do it.

We are now root, we can read the root flag