Monday is here and we are back at it again with THM!
Today we take on the Phishing room which is part of the THM CompTIA Pentest+ pathway!
We are going to take a little side-step here and do the Hacking with PowerShell room on THM as It is recommended before we do the Windows Local Persistence room & because it’s always good to refresh these topics!
xfreerdp3 /u:Administrator /p:BHN2UVw0Q /v:10.10.90.188 /dynamic-resolution
Get-Command -CommandType Cmdlet | Measure-ObjectGet-FileHash -Algorithm MD5 .\interesting-file.txt.txt
In PowerShell, you can use the Invoke-WebRequest cmdlet to make a request to a web server.
Invoke-WebRequest -Uri "http://example.com"
Get-LocalUser | ForEach-Object {
$sid = (New-Object System.Security.Principal.NTAccount($_.Name)).Translate([System.Security.Principal.SecurityIdentifier]).Value
[PSCustomObject]@{
UserName = $_.Name
SID = $sid
}
} | Format-Table -AutoSize$users = Get-LocalUser | Where-Object { $_.PasswordRequired -eq $false }
$user.Count
Get-NetIPAddress
PS C:> Get-NetTCPConnection -State Listen | ForEach-Object {
$port = $_.LocalPort $processId = $_.OwningProcess $service = Get-Service | Where-Object { $_.Id -eq $processId } [PSCustomObject]@{ Port = $port ProcessId = $processId ServiceName = $service.Name State = $_.State }} | Format-Table -AutoSize
Get-NetTCPConnection -LocalPort 445
Get-HotFixGet-ChildItem -Path C:\ -Include *.bak* -File -Recurse -ErrorAction SilentlyContinueGet-ChildItem C:\* -recurse | Select-String -pattern API_KEYGet-Scheduledtask -TaskName new-sched-taskGet-ACL C:\
$path = 'C:\Users\Administrator\Desktop\emails\*'
$magic_word = 'password'
$exec = Get-ChildItem $path -recurse | Select-String -pattern $magic_word
echo $execfor($i=130; $i -le 140; $i++){
Test-NetConnection localhost -Port $i
}
After this room I was ranked #1 within the Gold league, however my regin will end very soon!
Now we move on to Windows Local Persistence room on THM!
Was unable to perfom these actions via the user1 as it kept timing out but hey It doesn’t really matter.
Flag – THM{FLAG_BACKED_UP!}
We will finish this off tomorrow!
Until next time & don’t sleepwalk through life!
Paalam