GoldenEye | Tryhackme Walkthrough

Bond, James Bond. A guided CTF.

Intro & Enumeration

This room will be a guided challenge to hack the James Bond styled box and get root.

Credit to creosote for creating this VM. This machine is used here with the explicit permission of the creator ❤

So.. Lets get started!

Ques 1: Use nmap to scan the network for all ports. How many ports are open?
Ans 1: 4

Ques 2: Who needs to make sure they update their default password?
Ans 2: boris

Check the source code of the page and redirect to the terminal.js file

Ques 3: Whats their password?
Ans 3: InvincibleHack3r

Its mail time…

Ques 4: Take a look at some of the other services you found using your nmap scan. Are the credentials you have re-usable?
Ans 4: NA

Ques 5: If those creds don’t seem to work, can you use another program to find other users and passwords? Maybe Hydra?Whats their new password?
Ans 5: secret1!

Ques 6: Inspect port 55007, what services is configured to use this port?
Ans 6: telnet

Ques 7: Login using that service and the credentials you found earlier.
Ans 7: NA

Ques 8: What can you find on this service?
Ans 8: emails

Ques 9: What user can break Boris’ codes?
Ans 9: natalya

Ques 10: Using the users you found on this service, find other users passwords
Ans 10: NA

Ques 11: Keep enumerating users using this service and keep attempting to obtain their passwords via dictionary attacks.
Ans 11: NA