thejcksn

  Welcome back one and all! I hope you have had a great weekend full of malware, ducky scripts and reverse shells. Today we are going to be looking at the CC: Pen Testing box from  TryHackMe . This room is huge, and covers a whole range of Pentesting tools including: Nmap Netcat Gobuster Nikto Metasploit Meterpreter Hashcat John The Ripper Sqlmap Smbmap Smbclient Impacket There are several questions relating to every tool listed, and the answers to almost all of these questions can be found using the tools 'man' or '--help' pages, so I won't go into all the answers for these. I am instead going to concentrate on the "Final Exam", which is a CTF at the end of the room, combining all your freshly absorbed hacking knowledge. So without further ado, get yourself comfy and caffeinated and lets go! As always, we start with an nmap scan. We need to know what we are dealing with here. No firewalls or pesky admins checking logs to deal with, so we can go full aggre