Hackin’ Telnet
In this video, we will be working through the spoiler free nine steps needed to complete the TryHackMe Network Services Telnet Challenge.
This is part two of six on the TryHackMe Network Services video walkthrough, spoiler free mapping to the MITRE ATT&CK Matrix. As we go through this video, see if you can discover which of the nine steps is the root cause for this entire attack chain. And if you can't, that's fine. We'll go through the root cause at the end and kind of detail it a little bit.
[00:00:30] Christopher: Also, don't forget to subscribe to help support the channel so we can make more content like the video you're watching right now. The graphic in this video that you see is linked in the description.
All right, phase one of three. We're gonna start with network service scanning, which leads to local account discovery. From local account discovery, we step into an opportunity for a UNIX shell, which we can use for remote system discovery.
Moving into phase two of three, we're gonna stage some capabilities and then move back to the Unix shell. We'll do something and then establish an encrypted channel back to our attack box.
And this leads us to the final phase using our encrypted channel. We connected the victim, host and exfil some data, which is the flag for the challenge.
So if we walk back through all nine steps, they are. Find an account, use that account with a command and scripting interpreter. Discover a remote system
stage capabilities on our local box. Use the Unix shell to establish encrypted comms back to our attack box,
and then use that encrypted channel to exfil the flag.
Okay, so we talked about the root cause at the beginning, so what is it? Well, it's step three T1059.004 UNIX Shell, and this is part of the command and scripting interpreter technique As a cyber professional, addressing the vulnerabilities in step three stops this entire attack chain early on.
So also be on the lookout for a 60 Second Attack detailing that specific attack TTP out soon and eventually will be linked in the description for this.
So that is the TELNET portion of the network services TryHackMe Challenge. Thank you for watching and don't forget to like and subscribe or drop any comments on the video to talk about maybe what other types of attacks you would want to see for either try hack me or hack the box.
Again, these will all be no spoiler walkthroughs, so think of it like an escape room challenge. Thanks.