TryHackMe - Blue

AMG

Introduction:

Welcome to a 'review' of the TryHackMe challenge "Blue"! In this challenge, you explore a vulnerable Windows machine and practice your penetration testing skills, using various tools and techniques to gain access to the system, escalate your privileges, and ultimately complete the challenge. This 'walkthrough' will guide you through what to expect from the challenge.

One thing to note is that this CTF scenario is very different from the machines available at HTB. At Hack The Box, for better or worse, they leave you to your own devices. This promotes a ton of trial and error, but also a lot of rabbit holes that send you the wrong way. Here at TryHackMe there is a more guided approach, essentially putting you in the correct space to find the flag as long as you focus on the area they push you towards.

Of course, Blue is the first CTF machine available to me, and perhaps things will open up further as I go along.

Process:

As I mentioned in the introduction, the process itself is very straightforward because it is mostly laid out for you. It is more about actually committing to the techniques provided and working through them until they succeed and give you the information you need.

Task 1: Recon

Task one is all about Nmap and how to use it. If you work backwards from their questions it should be easy to solve: when they ask about specific port ranges, we know we need to add port switches to the Nmap scan; when they ask about vulnerabilities on the machine, we know we need to add switches that also probe for vulnerabilities. Keeping this mindset should help solve 'Blue'.

Task 2: Gain Access

Gaining access is all about utilizing the vulnerability found in the recon stage. We do this through Metasploit. From the information provided in these tasks, you should be able to find your way to the correct exploit. Once you set the correct options and run the exploit, you should find yourself with a reverse shell connected to the target machine.

Task 3: Escalate

This was the most interesting part of the module and one that I learned a lot from. It deals with sessions and how to run multiple Metasploit modules against the same session. I hadn't done this previously and it was a great walkthrough of the process. Once connected, send that session to the background, line up the next module for escalation, and run it.

Task 4: Cracking

This was also very interesting and not something I had done before. This task requires us to use the elevated shell to dump the account's password hash. Getting the hash was easy; cracking it took a little research.

There are a couple of approaches that I found worked for me, both included in my Parrot OS toolset, so that was easy. The first was Hashcat and the second was John the Ripper. Both are easy to use and worth playing with to gain some experience.

Task 5: Find the Flags!

Finally, this last task has you sifting through directories and finding flags. Even if you can't make much of the hints, you should be able to find the flags just by browsing around a little.

Conclusion:

There were some definite learnings in this module. It isn't a traditional CTF scenario like I'm used to from Vulnhub or HTB, but it was a nice change of pace. Plus, the information on Metasploit sessions was a great skill to learn, and I will be using it more often.
