TryHackMe: Advent of Cyber - Day 12 - Sharing Without Caring

1 minute read

This is a write up for the Day 12 - Sharing Without Caring challenge in the Advent of Cyber room on TryHackMe. Some tasks may have been omitted as they do not require an answer.


Scan the target server with the IP 10.10.152.229. Remember that MS Windows hosts block pings by default, so we need to add -Pn, for example, nmap -Pn 10.10.152.229 for the scan to work correctly. How many TCP ports are open?Permalink

Run nmap -Pn 10.10.152.229 -v.

Answer: 7

In the scan results you received earlier, you should be able to spot NFS or mountd, depending on whether you used the -sV option with Nmap or not. Which port is detected by Nmap as NFS or using the mountd service?Permalink

Answer: 2049

How many shares did you find?Permalink

Run showmount -e 10.10.152.229

Answer: 4

How many shares show “everyone”?Permalink

Answer: 3

What is the title of file 2680-0.txt?Permalink

Run mount 10.10.152.229:/share tmp1

There are two txt files in the folder.

Run head 2680-0.txt

Answer: Meditations

It seems that Grinch Enterprises has forgotten their SSH keys on our system. One of the shares contains a private key used for SSH authentication (id_rsa). What is the name of the share?Permalink

Run mount 10.10.152.229:/confidential tmp2

You can see the ssh folder inside this directory.

Answer: confidential

We can calculate the MD5 sum of a file using md5sum FILENAME. What is the MD5 sum of id_rsa?Permalink

Run md5sum id_rsa

Answer: 3e2d315a38f377f304f5598dc2f044de

RecapPermalink

In this task we learnt:

  • More about nmap
  • Investigating NFS

Updated: