tryhackme CTF walkthrough - basic pentesting

Posted on Nov 7, 2023

description

In this beginner-friendly CTF walkthrough from TryHackMe we will:

  • use nmap to enumerate ports/services
  • use gobuster to discover hidden directories and files on the web server
  • use enum4linux to leak usernames from the smb server
  • brute-force the ssh server using the username and hydra
  • copy another users private ssh key onto our system
  • crack the private key passphrase using john the ripper
  • ssh onto the target box using the private key to obtain a password backup file