TryHackMe Network Services 1 Part 2 Telnet

Table of Contents

Welcome to TryHackMe Network Services Walkthrough Part 2, oh yeah! Let’s learn, then enumerate and exploit a variety of network services and misconfigurations, second up is telnet. Watch this Network Services Walkthrough for TryHackMe’s room, Part 2 Telnet.

Task 5 Understanding Telnet

Questions:

  • What is Telnet? application protocol
  • What has slowly replaced Telnet? ssh
  • How would you connect to a Telnet server with the IP 10.10.10.3 on port 23? telnet 10.10.10.3 23
  • The lack of what, means that all Telnet communication is in plaintext? encryption

Task 6 Enumerating Telnet

Questions:

  • How many ports are open on the target machine? 1
  • What port is this? 8012
  • This port is unassigned, but still lists the protocol it’s using, what protocol is this? tcp
  • Now re-run the nmap scan, without the -p- tag, how many ports show up as open? 0
  • Based on the title returned to us, what do we think this port could be used for? a backdoor
  • Who could it belong to? Gathering possible usernames is an important step in enumeration. Skidy

Task 7 Exploiting Telnet

Questions:

  • Great! It’s an open telnet connection! What welcome message do we receive? SKIDY’S BACKDOOR.
  • Let’s try executing some commands, do we get a return on any input we enter into the telnet session? (Y/N) N
  • Now, use the command “ping [local THM ip] -c 1” through the telnet session to see if we’re able to execute system commands. Do we receive any pings? Note, you need to preface this with .RUN (Y/N) Y
  • What word does the generated payload start with? mkfifo
  • What would the command look like for the listening port we selected in our payload? nc -lvp 4444
  • Success! What is the contents of flag.txt? THM{y0u_**********}
About The Author
Ashley Ball

Ashley Ball

“Learn, create, share, repeat.” • IT teacher, former web designer, learning CyberSec • Road to #100DaysOfHacking on Hackers Learning Path.
Share This Article
Share on linkedin
LinkedIn
Share on twitter
Twitter
Share on facebook
Facebook
Share on whatsapp
WhatsApp
Share on email
Email

Monthly Newsletter

Learn about cyber security, hacking guides & python programming.

Leave A Comment

Leave a Reply

Your email address will not be published.

More Content

Monthly Newsletter

Learn about cyber security, hacking guides & python programming.

This site uses cookies and other tracking technologies to assist with navigation, monitor site usage and web traffic, assist with our promotional and marketing efforts, and customize and improve our services, as set out in our privacy policy