Metasploit: Exploitation - TryHackMe Junior Penetration Tester: 7.2 

Brock Rosen

Published: 29 Sep 2024

Comments: 31
@BrockRosen 6 months ago
Check out my new song! - "Prelude" ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-UUi1af8rxjo.html
@berritc466 1 year ago
Brock, your videos are legitimately the best TryHackMe videos on youtube and it's not even close. You're on another level. Please keep up the good work and don't give up! I wish you the most success on this platform.
@datag1199 7 months ago
Great walkthrough. Unfortunately, I am in the "Exploitation" section - going through the exact steps you are going through, and when I run 'exploit' my target is not vulnerable (rhost, lhost, etc. is all set and shows as yours does) and getting "Exploit completed, but no session was created". Going to study this but wondering if anyone else came across this? Thanks
@brettgastelum5330 6 months ago
You have to get the IP addresses on your own machine. I use my own AttackBox, so I use that IP address as LHOST. Each time you run START MACHINE in the room, you are provided with a dynamic IP address that must be used for RHOSTS. Once both of those are set correctly using your own IPs, you SHOULD be able to get a session going. Do yourself a favor though and run 'show payloads' before using 'set payload #'. You'll want to find the reverse tcp with meterpreter in there if you want to rinse/repeat how he got the flag. FOR THE LIFE OF ME I COULD NOT GET THE FLAG TO POP WITHOUT ME ACTUALLY BEING IN THE FOLDER. I ran it both using meterpreter AND windows shell. meterpreter (linux) command: 'cat PATH\file.txt', or just go cd a bunch until you get to C: before traversing back through to \Users\Jon\Documents\ and then run 'cat flag.txt'. If you're in the windows shell: cd until you get to C: and then traverse to where the file is located. Use 'dir' to list all the files to verify that you're in the correct folder. Once you see the file, use 'more flag.txt'.
@davidvideos1359 6 months ago
me too
@brettgastelum5330 6 months ago
Did you make sure you set the listening port to the address you get from connecting with your OpenVPN or are you using the AttackBox?
@datag1199 6 months ago
@brettgastelum5330 Yes! That did it. I used the wrong IP and was able to correct it. Thanks for the reply. When I was on this task, I had been on THM like 3+ hours lol... sometimes it helps to just step away and revisit. Cheers!
@davidvideos1359 6 months ago
@brettgastelum5330 attack box
@Bodasen 4 months ago
Hello there, thanks for the video, it really helped. I have a question for you if you're willing to answer it here. It might be dumb but I don't understand why we need a reverse shell here. From my understanding, what we do is the following:
1/ We get access to the user Murphy by connecting through ssh to him
2/ From there we're logged in as Murphy and then we type "sudo su" to have root privileges.
3/ Then we go back to the attacking machine to create the payload and a server so that we can download the payload from Murphy's side.
4/ We then start listening with multi/handler on the port of our choosing to catch the shell
5/ Finally we can run the payload on Murphy's side that will connect to our attacking machine's port and create a meterpreter session from which we'll be able to control Murphy's machine.
If this is correct, then I don't understand why we can't simply control his machine with a simple ssh connection that we established on step 1/. Could you help me understand this please?
@Monty-sv7ti 3 months ago
TL;DR You get to ssh login to simplify some process. If you were to simply control the machine with the ssh, it defeats the purpose of the exercise. Longer explanation - The first step basically gave us full control over the target machine. However, the only reason this exercise provided the username and the password is so that you can do the following conveniently: 1. download the payload from the attacking machine 2. mark the payload as executable and run it. If you didn't have the privileges already, it would be much harder to do these. In a more realistic example I'd imagine that you will not be provided with root from the get-go, so you'll have to figure out how to download the payload and run it on the target machine, but that's out of scope for this exercise.
@digitalturan 7 months ago
Can someone explain what we did in the msfvenom part? I did get nothing
@VirgoAvatar 13 days ago
Thank you for this guide, appreciate it 🙏 There were some very tricky parts, thanks to following along step by step, I was able to complete the room 😁
@kasperYJ 1 month ago
dude you are so wholesome. thanks a lot for the help! you earned yourself a golden sub.
@EvilGPT 6 months ago
hands down one of the best youtube instructors I've found yet. Your videos are to the point, and you are well spoken and easy to understand. These videos are honestly a hidden gem for anyone starting out in cyber.
@jorge88espino 8 months ago
I have a question, at 32:33 I don't get the meterpreter console, but the Windows shell. I have already reviewed all the steps and they are the same as shown in the video. I don't understand why it makes that change. 😥
@javierferrr 8 months ago
I have the same issue!
@javierferrr 8 months ago
After messing around, I was able to establish a meterpreter session by upgrading the Windows shell session with the 'sessions -u 1' command. Then I was able to run the 'search -f flag.txt' command and it returned the path, however I could not 'cat' the file because of error "stdapi_fs_stat: Operation failed: The system cannot find the file specified."
@jack2040 8 months ago
meterpreter > shell
Process 2304 created.
Channel 1 created.
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Windows\system32>type c:\Users\Jon\Documents\flag.txt
type c:\Users\Jon\Documents\flag.txt
THM-5455554845
@gryphon1538 7 months ago
same here
@akashdeepnandi 5 months ago
I had the same issue, basically I think the guide in tryhackme is old. But after selecting the eternal blue exploit (windows/smb/ms17_010_eternalblue) - don't set any payload type. The default payload type is reverse shell with meterpreter (windows/x64/meterpreter/reverse_tcp). Another person pointed out, after you have the session you can upgrade it to meterpreter using 'sessions -u 1'
@anthonydiaz2185 7 months ago
Appreciate as always your videos for times when I get stuck!
@somebody3014 10 months ago
best walkthrough
@kaptankoloni1984 6 months ago
bro excellent work:))
@andrewrx88 4 months ago
I use the TryHackMe AttackBox, does anyone else have an issue using a bruteforce attack? I've never been able to use a bruteforce attack on TryHackMe but everything else works perfect. I followed all your commands and it ends in could not connect. I also noticed you didn't specify an rhost for the password attack. How does the module know what IP to attack?
@falkondezigns5397 4 months ago
Please make more such videos! You are awesome! :D
@danielshitrit6795 5 months ago
I don't understand how you know the port at 16:44
@kanikia 4 months ago
Hmm, the THM steps must be old because I could not get a number of things, although I followed along precisely.
@solido888 3 months ago
Same here.
@latonyprod8195 7 months ago
do you use burpsuite at 44.18?
@kaiLon450 7 months ago
very useful, thanks.