TryHackMe(THM):SQLMAP

目次 Task 1 Introduction Task 2 Using Sqlmap Which flag or option will allow you to add a URL to the command? Which flag would you use to add data to a POST request? There are two parameters: username and password. How would you tell sqlma…

TryHackMe(THM):Pentesting Fundamentals

目次 Task 1 What is Penetration Testing? Read me! Task 2 Penetration Testing Ethics You are given permission to perform a security audit on an organisation; what type of hacker would you be? You attack an organisation and steal their data,…

ryHackMe(THM):Learning Cyber Security

目次 Task 1 Web Application Security Read the above and learn how to hack BookFace, TryHackMe's vulnerable social media site. What is the username of the BookFace account you will be taking over? Hack the BookFace account to reveal this ta…

TryHackMe(THM):Starting Out In Cyber Sec

目次 Task 1 Welcome To TryHackMe Task 2 Offensive Security What is the name of the career role that is legally employed to find vulnerabilities in applications? Task 3 Defensive Security What is the name of the role who's job is to identif…

TryHackMe(THM):Starting Out In Cyber Sec

目次 Task 1 Welcome To TryHackMe Read Me and Proceed! Task 2 Offensive Security What is the name of the career role that is legally employed to find vulnerabilities in applications? Task 3 Defensive Security What is the name of the role wh…

TryHackMe(THM):Shodan.io

目次 Task 1 Introduction Go to Shodan.io Task 2 Filters How do we find Eternal Blue exploits on Shodan? Task 3 Google & Filtering What is the top operating system for MYSQL servers in Google's ASN? What is the 2nd most popular country for …

TryHackMe(THM):Juicy Details

目次 Task 1 Introduction Are you ready? Task 2 Reconnaissance What tools did the attacker use? (Order by the occurrence in the log) What endpoint was vulnerable to a brute-force attack? What endpoint was vulnerable to SQL injection? What p…

TryHackMe(THM):OWASP Juice Shop

目次 Task 1 Open for business! Deploy the VM attached to this task to get started! You can access this machine by using your browser-based machine, or if you're connected through OpenVPN. Once the machine has loaded, access it by copying a…

TryHackMe(THM):MAL: Researching

Task 1 Intro Task 2 Deploy! Task 3 Checksums 101 Name the term for an individual piece of binary What are checksums also known as? Name the algorithm that is next in the series after SHA-256 According to this task, how long will you need t…

TryHackMe(THM):Sakura Room

Task 1 INTRODUCTION Task 2 TIP-OFF What username does the attacker go by? Task 3 RECONNAISSANCE What is the full email address used by the attacker? What is the attacker's full real name? Task 4 UNVEIL What cryptocurrency does the attacker…

TryHackMe(THM):Memory Forensics

Task 1 Introduction Task 2 Login What is John's password? Task 3 Analysis When was the machine last shutdown? What did John write? Task 4 TrueCrypt What is the TrueCrypt passphrase? この記事は、DeepL翻訳を利用して和訳しています。 www.deepl…

TryHackMe(THM):The Cod Caper

Task 1 Intro Task 2 Host Enumeration How many ports are open on the target machine? What is the http-title of the web server? What version is the ssh service? Task 3 Web Enumeration Recommended wordlist: big.txt What is the name of the imp…

TryHackMe(THM):Cat Pictures

Task 1 Deploy the machine! Task 2 Flags, flags, flags! Flag 1 Root Flag Task 1 Deploy the machine! Kali Linuxを起動します。 Task 2 Flags, flags, flags! Flag 1 まずnmapを実行します。 # nmap -p- <$TARGET_IP> 21番ポート(ftp)、22番ポート(ssh)…

TryHackMe(THM):GoldenEye

Task 1 Intro & Enumeration First things first, connect to our network and deploy the machine. Use nmap to scan the network for all ports. How many ports are open? Take a look on the website, take a dive into the source code too and remembe…

TryHackMe(THM):Lian_Yu

目次 Task 1 Find the Flags What is the Web Directory you found? what is the file name you found? what is the FTP Password? what is the file name with SSH password? user.txt root.txt Task 1 Find the Flags What is the Web Directory you found…

TryHackMe(THM):AttackerKB

目次 Task 1 I'm attacking what now? Task 2 Discovering the Lay of the Land Scan the machine with Nmap. What non-standard service can be found running on the high-port? Further enumerate this service, what version of it is running? Visit th…

TryHackMe(THM):BasicPentesting

目次 Task 1 Web App Testing and Privilege Escalation Find the services exposed by the machine What is the name of the hidden directory on the web server(enter name without /)? User brute-forcing to find the username & password What is the …

TryHackMe(THM):Hydra

目次 Task 1 Hydra Introduction Task 2 Using Hydra Use Hydra to bruteforce molly's web password. What is flag 1? Use Hydra to bruteforce molly's SSH password. What is flag 2? この記事は、DeepL翻訳を利用して和訳しています。 www.deepl.com Tas…

TryHackMe(THM):Web Scanning

目次 Task 1 Pull the lever, Kronk! Task 2 ...I'm supposed to scan with that? First and foremost, what switch do we use to set the target host? Websites don't always properly redirect to their secure transport port and can sometimes have di…

TryHackMe(THM):Anonymous

目次 Task 1 Pwn Enumerate the machine. How many ports are open? What service is running on port 21? What service is running on ports 139 and 445? There's a share on the user's computer. What's it called? user.txt root.txt Task 1 Pwn Try to…

TryHackMe(THM):MAL: Malware Introductory

目次 Task 1 What is the Purpose of Malware Analysis? Task 2 Understanding Malware Campaigns What is the famous example of a targeted attack-esque Malware that targeted Iran? What is the name of the Ransomware that used the Eternalblue expl…

TryHackMe(THM):LazyAdmin

目次 Task 1 Lazy Admin What is the user flag? What is the root flag? Task 1 Lazy Admin What is the user flag? とりあえずnmapを実行します。 nmap -sV -sC <$IP> 22番(ssh)と80番(http)の2つのポートが解放されています。 80番ポートが解放されてい…

TryHackMe(THM):OhSINT

目次 Task 1 OhSINT What information can you possible get with just one photo? What is this users avatar of? What city is this person in? Whats the SSID of the WAP he connected to? What is his personal email address? What site did you find …

TryHackMe(THM):c4ptur3-th3-fl4g

目次 Task 1 Translation & Shifting 暗号 : c4n y0u c4p7u23 7h3 f149? 暗号 : 01101100 01100101 01110100 01110011 00100000 01110100 01110010 01111001 00100000 01110011 01101111 01101101 01100101 00100000 01100010 01101001 01101110 01100001 …

TryHackMe(THM):Inclusion

目次 Task 1 Deploy Task 2 Root It user flag Task 1 Deploy Virtual Boxを実行して接続する Task 2 Root It ファイルインクルージョン(File Inclusion)は、Webサーバ上のデータに対し入力検証の不備を突いて不正なスクリプトを挿入する攻撃手法である。 …

TryHackMe(THM):Pickle Rick

目次 Task 1 Pickle Rick What is the first ingredient Rick needs? Whats the second ingredient Rick needs? Whats the final ingredient Rick needs? Task 1 Pickle Rick What is the first ingredient Rick needs? まずnmapを実行 # nmap -sV -sC -v -o…

ハッカーになりたい!

何年も前から「ハッカー」になりたい。と思っているだけでダラダラ毎日過ごしています。本屋で「ハッキング」関連の書籍を購入してページ通り動くと上機嫌。うまくできないと「そのうちできるさ!」なので全然上達しません。(笑) これではいけないと思い、と…