Blue Team Cyber Defender

  If you are unable to get your Kali virtual machine to connect to the TryHackMe network …follow the instructions below to fix the issue Open cmd in your kali machine and run the following command:- sudo ifconfig eth0 mtu 1200 After running this command ..then run the usual… sudo openvpn /path-to-file/file.ovpn The issue is now resolved :)

  An introduction to the main components of the Metasploit Framework. Link :- https://tryhackme.com/room/metasploitintro What is the name of the code taking advantage of a flaw on the target system? Exploit What is the name of the code that runs on the target system to achieve the attacker’s goal? Payload What are self-contained payloads called? Singles Is “windows/x64/pingback_reverse_tcp” among singles or staged payload? Singles How would you search for a module related to Apache? search apache Who provided the auxiliary/scanner/ssh/ssh_login module? todb How would you set the LPORT value to 6666? set LPORT 6666 How would you set the global value for RHOSTS to 10.10.19.23 ? setg RHOSTS 10.10.19.23 What command would you use to clear a set payload? unset PAYLOAD What command do you use to proceed with the exploitation phase? exploit That’s it. See you all in the next room :)

  Are you good enough to apply for this job? Link :- https://tryhackme.com/room/empline Get all the flags to complete the room. Run a nmap scan to check for open ports Port 80 is open. Let us visit it Since this room hints at applying for a job- Let us click on “Employment”. This does not lead anywhere. Check source code of page :- Seems it refers to job.empline.thm/careers Let change our /etc/hosts file and link the IP to this Now the url works:- Click on “Show all jobs” and the “mobile dev” position We can click on “Apply to Position” This page allows us to upload a file. Interesting… Let’s find the OpenCats version by going to jobs.empline.thm:- A google search for exploit for opencats 0.9.4 leads us to an article by doddsecurity(.)com . CVE-2019–13358 Following the exploit method. Create a .docx file using python or libreoffice with some text in the file. In my case the text is “Fun time”. unzip the .docx file and then edit word/document.xml Add the below after first line  <!DOC