tryhackme CTF walkthrough - basic pentesting
description
In this beginner-friendly CTF walkthrough from TryHackMe we will:
- use nmap to enumerate ports/services
- use gobuster to discover hidden directories and files on the web server
- use enum4linux to leak usernames from the smb server
- brute-force the ssh server using the username and hydra
- copy another users private ssh key onto our system
- crack the private key passphrase using john the ripper
- ssh onto the target box using the private key to obtain a password backup file