TryHackMe Walkthrough: Anthem

Exploit a Windows machine in this beginner-level challenge. This is a beginner-level Windows CTF challenge.

You can access the machine from here.

Prerequisites

Before deploying the machine, make sure you have your VPN ready.

Now deploy the machine after the VPN is ready.

Reconnaissance

I started by gathering some information and checking which ports are open by doing a basic nmap scan.

There are 2 ports open: 80 and 3389. Port 80 is hosting a web page and port 3389 is hosting a remote desktop (RDP) service.

I found the first couple of flags just by looking through the pages and checking the page source.

Along with that, let's run dirbuster to find the web directories.

So you can say that is a possible password for some login.

On the page, I saw this poem.

On googling, I found that the author of this poem is

The page said that the poem is about the admin, so the admin name might be so I entered that in the task question page and it was accepted.

On one of the pages, we saw the email id of Author Jane Doe as

So it made sense that the email id for would be also

1st Flag

Checking the source code of this current page i.e .

The first flag has been found.

2nd Flag

Checking the source code of page.

3rd Flag

Now to find the 3rd flag we have to go to the page.

4th Flag

After searching for quite a while, I discovered that the 4th flag is hidden in the source code of page.

Now Finding the Main Flags

As we already know that port 3389 is open, we use the already found credentials to log in.

Username — SG

Password — UmbracoIsTheBest!

We found our 1st main flag.

Now the root flag is hidden inside the Administrator folder, but we don't have access to that folder.

When Continue is clicked, it asks for a password.

I will have to find it in order to get access to that folder and find the 2nd root flag.

There is a backup folder in that has the password required to access the Administrator folder. Enable hidden items to view it.

Inside the backup folder there is a restore.txt file, but our user doesn't have permission to access that file, so we will have to change the permissions on this file.

Now you can open the file and see the admin password.

Using this, access the Administrator folder and get the root flag.
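A standard user can change the permissions on a file they cannot read only if they own it or hold the change-permissions or take-ownership right on it, which is what made restore.txt readable here. As an added example (not part of the original walkthrough), this PowerShell audit lists files under a folder where an account outside a trusted list has that ability; `$Root`, the `$Trusted` names and the output fields are assumptions.

```powershell
# Added example, not from the original walkthrough.
# Lists files whose permissions a non-trusted account could rewrite.
param(
    [Parameter(Mandatory)] [string] $Root,   # folder to audit (assumption)
    [string[]] $Trusted = @(                 # English account names (assumption)
        'NT AUTHORITY\SYSTEM',
        'BUILTIN\Administrators',
        'NT SERVICE\TrustedInstaller'
    )
)

$Rights = [System.Security.AccessControl.FileSystemRights]
# Either right lets the holder grant itself read access afterwards.
$Dangerous = $Rights::ChangePermissions -bor $Rights::TakeOwnership

# -Force includes hidden and system items, which Explorer does not show by default.
Get-ChildItem -LiteralPath $Root -Recurse -File -Force -ErrorAction SilentlyContinue |
ForEach-Object {
    $path = $_.FullName
    try   { $acl = Get-Acl -LiteralPath $path -ErrorAction Stop }
    catch { return }   # unreadable security descriptor: skip this file

    # By default the owner can rewrite the DACL, whatever the other ACEs say.
    if ($acl.Owner -and ($Trusted -notcontains $acl.Owner)) {
        [pscustomobject]@{ Path = $path; Principal = $acl.Owner; Reason = 'Owner' }
    }

    foreach ($ace in $acl.Access) {
        $who = $ace.IdentityReference.Value
        $hit = [int]($ace.FileSystemRights -band $Dangerous) -ne 0
        if ($ace.AccessControlType -eq 'Allow' -and $hit -and ($Trusted -notcontains $who)) {
            [pscustomobject]@{
                Path      = $path
                Principal = $who
                Reason    = "Allow: $($ace.FileSystemRights)"
            }
        }
    }
}
```

Run it from an elevated session so every security descriptor is readable. Any file holding a credential should be owned by an administrative account and grant nothing to standard users.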

And the room is completed. Leave some claps if you found this helpful.

Aditya Kumar

B.Sc IT Graduate with C.E.H certification currently pursuing Offensive Security (Red Team). Passion for MMA and Kick-boxing & Automobile Enthusiast.