Metasploit: Exploitation - TryHackMe Junior Penetration Tester: 7.2

  • Published on 3 Oct 2024

Comments • 32

  • @BrockRosen 6 months ago +2

    Check out my new song! - "Prelude" th-cam.com/video/UUi1af8rxjo/w-d-xo.html

  • @berritc466 a year ago +10

    Brock, your videos are legitimately the best TryHackMe videos on youtube and it's not even close. You're on another level. Please keep up the good work and don't give up! I wish you the most success on this platform.

  • @EvilGPT 6 months ago +1

    hands down one of the best youtube instructors I've found yet. Your videos are to the point, and you are well spoken and easy to understand. These videos are honestly a hidden gem for anyone starting out in cyber.

  • @kasperYJ months ago

    dude you are so wholesome. thanks a lot for the help! you earned yourself a golden sub.

  • @VirgoAvatar 17 days ago

    Thank you for this guide, appreciate it 🙏 There were some very tricky parts, thanks to following along step by step, I was able to complete the room 😁

  • @anthonydiaz2185 7 months ago +1

    Appreciate as always your videos for times when I get stuck!

  • @DjehutimasAsarRa a day ago

    Only 9k views??? Wow... This is a great video

  • @Bodasen 4 months ago +1

    Hello there, thanks for the video, it really helped.
    I have a question for you if you're willing to answer it here.
    It might be dumb but I don't understand why we need a reverse shell here.
    From my understanding, what we do is the following:
    1/ We get access to the user Murphy by connecting through ssh to him
    2/ From there we're logged in as Murphy and then we type "sudo su" to have root privileges.
    3/ Then we go back to the attacking machine to create the payload and a server so that we can download the payload from Murphy's side.
    4/ We then start listening with multi/handler on the port of our choosing to catch the shell
    5/ Finally we can run the payload on Murphy's side that will connect to our attacking machine's port and create a meterpreter session from which we'll be able to control Murphy's machine.
    If this is correct, then I don't understand why we can't simply control his machine with a simple ssh connection that we established on step 1/.
    Could you help me understand this please?

    • @Monty-sv7ti 3 months ago

      TL;DR You get the ssh login to simplify some of the process. If you were to simply control the machine with ssh, that would defeat the purpose of the exercise.
      Longer explanation - The first step basically gave us full control over the target machine. However, the only reason this exercise provided the username and the password is so that you can do the following conveniently 1. download the payload from the attacking machine 2. mark the payload as executable and run it. If you didn't have the privileges already, it would be much harder to do these. In a more realistic example I'd imagine that you will not be provided with root from the get-go, so you'll have to figure out how to download the payload and run it on the target machine, but that's out of scope for this exercise.

  • @falkondezigns5397 4 months ago

    Please make more such videos! You are awesome! :D

  • @datag1199 7 months ago +2

    Great walkthrough. Unfortunately, I am in the "Exploitation" section - going through the exact steps you are going through, and when I run 'exploit' my target is not vulnerable (rhost, lhost, etc. is all set and shows as yours does) and getting "Exploit completed, but no session was created". Going to study this but wondering if anyone else came across this? Thanks

    • @brettgastelum5330 6 months ago

      You have to get the IP addresses on your own machine. I use my own AttackBox, so I use that IP address as LHOST. Each time you run START MACHINE in the room, you are provided with a dynamic IP address that must be used for RHOSTS. Once both of those are set correctly using your own IPs, you SHOULD be able to get a session going. Do yourself a favor though and run show payloads before using 'set payload #'. You'll want to find the reverse tcp with meterpreter in there if you want to rinse/repeat how he got the flag.
      FOR THE LIFE OF ME I COULD NOT GET THE FLAG TO POP WITHOUT ME ACTUALLY BEING IN THE FOLDER
      I ran it both using meterpreter AND windows shell
      meterpreter (linux) command: cat PATH\file.txt or just go cd a bunch until you get to C: before traversing back through to \Users\Jon\Documents\ and then run ' cat flag.txt '
      If you're in the windows shell: cd until you get to C: and then traverse to where the file is located. Use ' dir ' to list all the files to verify that you're in the correct folder. Once you see the file, use ' more flag.txt '

    • @davidvideos1359 6 months ago +1

      me too

    • @brettgastelum5330 6 months ago +1

      Did you make sure you set the listening port to the address you get from connecting with your OpenVPN or are you using the AttackBox?

    • @datag1199 6 months ago

      @brettgastelum5330 Yes! that did it. I used the wrong IP and was able to correct it. Thanks for the reply. When I was on this task, I had been on THM like 3+ hours lol..... sometimes it helps to just step away and revisit. Cheers!

    • @davidvideos1359 6 months ago

      @brettgastelum5330 attack box

  • @somebody3014 11 months ago +1

    best walkthrough

  • @digitalturan 7 months ago +1

    Can someone explain what we did in the msfvenom part? I got nothing

  • @kaptankoloni1984 6 months ago +1

    bro excellent work:))

  • @kaiLon450 7 months ago

    very useful, thanks.

  • @andrewrx88 4 months ago

    I use tryhackme attackbox, does anyone else have an issue using a bruteforce attack? I've never been able to use a bruteforce attack on tryhackme but everything else works perfect. I followed all your commands and it ends in could not connect. I also noticed you didn't specify an rhost for the password attack. how does the module know what ip to attack?

  • @jorge88espino 8 months ago +1

    I have a question, at 32:33 I don't get the meterpreter console, but the Windows shell. I have already reviewed all the steps and they are the same as shown in the video. I don't understand why it makes that change. 😥

    • @javierferrr 8 months ago

      I have the same issue!

    • @javierferrr 8 months ago +1

      After messing around, I was able to establish a meterpreter session by upgrading the Windows shell session with the 'sessions -u 1' command. Then I was able to run the 'search -f flag.txt' command and it returned the path, however I could not 'cat' the file because of error "stdapi_fs_stat: Operation failed: The system cannot find the file specified."

    • @jack2040 8 months ago +1

      meterpreter > shell
      Process 2304 created.
      Channel 1 created.
      Microsoft Windows [Version 6.1.7601]
      Copyright (c) 2009 Microsoft Corporation. All rights reserved.
      C:\Windows\system32>type c:\Users\Jon\Documents\flag.txt
      type c:\Users\Jon\Documents\flag.txt
      THM-5455554845

    • @gryphon1538 7 months ago

      same here

    • @akashdeepnandi 6 months ago

      I had the same issue, basically I think the guide in tryhackme is old. But after selecting the eternal blue exploit (windows/smb/ms17_010_eternalblue) - don't set any payload type. The default payload type is reverse shell with meterpreter (windows/x64/meterpreter/reverse_tcp). Another person pointed out, after you have the session you can upgrade it to meterpreter using 'sessions -u 1'

  • @kanikia 4 months ago

    Hmm, the THM steps must be old because I could not get a number of things, although I followed along precisely.

    • @solido888 4 months ago

      Same here.

  • @danielshitrit6795 5 months ago

    i don't understand how do you know the port for 16:44

  • @latonyprod8195 8 months ago

    do you use burpsuite at 44.18?