TryHackMe | h4cked

Task 1 | Oh no! We’ve been hacked!

Download the .pcap file and load it up in Wireshark.

FTP port 21 connections in pcap
ftp.response.code
Follow TCP stream to reveal password
ftp.command display filter
follow ftp.command TCP stream
TCP stream of STOR revealing shell.php contents
shell.php callback information
shell.php callback
repo

Task 2 | Hack your way back into the machine

First we need to deploy the machine.

nc listener
shell returned
Escalate to root
