Srivathsa Dhanvantri

TryHackMe! Anthem

TryHackMe is an online platform that teaches Cybersecurity through hands-on virtual labs. Whether you are an expert or beginner, learn through a virtual room structure to understand theoretical and practical security elements.


Anthem is an easy challenge on TryHackMe for beginners to explore.

You first have to sign up to join the room. There are a few simple steps to follow on the Signup page. Next, follow the steps in the Welcome room to configure VPN connectivity.


I have connected to the TryHackMe network using OpenVPN on Kali Linux. Once you connect, the access page confirms the connection by showing your IP address and status. Click the Join Room button to access the contents of this room.

Click on Deploy to start the target machine.

The IP address is displayed, but wait 5 minutes so that the machine boots up completely and all services are started. Start enumerating with nmap after 5 minutes.

There are many ports open; explore port 80 using a browser. We can also answer a few easy questions on TryHackMe.


Open a browser and explore the web service running on the target host.

This looks like a blog, and to answer the next set of questions there is a hint on TryHackMe.

Check the robots.txt page.

With this information, we can answer a few more questions on TryHackMe.



Use the gobuster tool to find all the directories and pages. I am using the common.txt wordlist to begin with.

Explore each of the directories listed by gobuster, and don't forget to check the source code of each of these web pages.

Found a flag in the source code of the page.

Found another flag on the authors page. Note down all these flags to answer on TryHackMe.

Here is another clue on the blog, dedicated to the administrator. I decided to google it.

Found a name, and it looks like it is the name of the administrator. Validate it on TryHackMe.

To answer the next question, use the hint.

There seems to be a pattern for email addresses on this domain. Explore the blog to find an email address.

It can be seen that the initials of the first name and last name are used to create the email address. Now that we have the administrator's name, we can guess the administrator's email address. Validate it on TryHackMe.

Look for all the hidden flags in the pages and their source code.


Once all the flags are found, validate them on TryHackMe.

Log in with the credentials found, using the RDP service. Try the administrator's name or email ID as the username; you have found a password too.

Logged in to the desktop of the user.

The user flag is on the desktop. Validate it on TryHackMe.

To look for the root flag, check all the hidden folders and files for clues too.

Check Hidden Items under View.


Check the backup folder.

Try to access restore.txt and it gives a warning that you don't have permission. Go to the file's properties and give full control to the user SG.



Once the permissions are granted, you can read the contents of the file. It looks like it is the password for the administrator account.
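The restore.txt step works because Windows lets a user rewrite a file's permissions when that user owns the file or holds the ChangePermissions or TakeOwnership right on it. The PowerShell below is an added example, not part of the original write-up, that a defender can run to list such items under a directory; the function name, the trusted-principal list and the audit path are assumptions made for illustration.

```powershell
# Added example (not from the original write-up): report items whose ACL can
# be rewritten by a principal outside the trusted list.
function Find-SelfGrantableItem {
    param(
        [Parameter(Mandatory)][string]$Path,
        # Assumption: English account names; adjust for localized systems.
        [string[]]$Trusted = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators',
                               'NT SERVICE\TrustedInstaller')
    )
    # WRITE_DAC (ChangePermissions), WRITE_OWNER (TakeOwnership), plus the raw
    # GENERIC_ALL bit that some ACEs carry instead of specific rights.
    $rights = [System.Security.AccessControl.FileSystemRights]'ChangePermissions, TakeOwnership'
    $mask   = [int]$rights -bor 0x10000000

    # -Force includes hidden and system items, which Explorer hides by default.
    Get-ChildItem -LiteralPath $Path -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $item = $_
            try   { $acl = Get-Acl -LiteralPath $item.FullName -ErrorAction Stop }
            catch { return }   # ACL not readable by the auditing account: skip

            # The owner can always rewrite the DACL, even with no Allow ACE.
            if ($acl.Owner -and $Trusted -notcontains $acl.Owner) {
                [pscustomobject]@{ Path = $item.FullName; Principal = $acl.Owner; Reason = 'Owner' }
            }
            foreach ($ace in $acl.Access) {
                $who = $ace.IdentityReference.Value
                $hit = ([int]$ace.FileSystemRights -band $mask) -ne 0
                if ($hit -and $ace.AccessControlType -eq 'Allow' -and $Trusted -notcontains $who) {
                    [pscustomobject]@{ Path = $item.FullName; Principal = $who
                                       Reason = "Allow $($ace.FileSystemRights)" }
                }
            }
        }
}

# Constructed usage: the path is a placeholder for the directory to audit.
Find-SelfGrantableItem -Path 'C:\path\to\audit' | Format-Table -AutoSize
```

Any row whose Principal is an ordinary user account on a file that holds credentials or backups is the condition this room demonstrates: the deny on read is cosmetic if the same user can edit the ACL.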

Navigate to the Administrator's desktop. It may prompt for the credentials. You have found the password already.


Validate the password on TryHackMe too.


The root flag is found on the Administrator's desktop. Validate it on TryHackMe.


Congratulations! You have solved this challenge.

 

I hope this write-up was informative for you. Please leave feedback. Thank you.

-Srivathsa Dhanvantri
