Blog

Hello, and welcome to this post detailing how to solve the TryHackMe room “Cyberheroes“, a beginner room marked as Easy, with an estimated time of 15 minutes to complete.

In this room, you are trying to prove you are worthy of joining an elite club of hackers called CyberHeroes. To do so, you are challenged to find a way to log into their site.

Task 1: Cyberheroes

Start by firing up both the Attackbox (using the button at the upper menu):

And the target machine (which can be done from inside Task 1, by using the “Start Machine” button):

Wait until both machines are up and running. The AttackBox will open up in a side panel of the window, while you can verify the target is up by checking the status bar under “Target Machine Information“:

Checking a bit further down in the task, you can see the question we need to answer to pass the room is:

Uncover the flag!

Once both machines are started, from the AttackBox (which runs Kali Linux), start FireFox and navigate to the URL presented in Task 1 (which will reflect the IP address from the “Target Machine Information” above. In my case, the URL is http://10.10.19.27; yours will likely be different).

There’s not much to go on when checking the Home or About screens, but using the Login link brings us to the login page we are supposed to enter.

A good approach for any hacking challenge is always to check the source code of the page. It can, for instance, show you some of the directories that exist on the target, it might show you which sort of CMS (Content Management System) portal is used to generate the site (which might contain vulnerabilities you could exploit), or sometimes it can contain forgotten developer comments or hints.

To do so, use CTRL + U, which on FireFox will show you the source HTML of the page. Alternatively, you can right-click the screen and select “View Page Source” from the pop-up menu:

In the source code, you will notice a JavaScript function called authenticate():

If you carefully look at line 125-128, a variable called “a” is defined, which is set equal to the “uname” element on the page. The next line defines a variable called “b“, which is set to be the value of the “pass” element.

Just above the function, it shows the elements in the snippet are actually corresponding to the username and password boxes on the Login Form:

Line 127 defines a function called ReverseString, which basically just reverses the order of the string fed into it. So “Apple” would become “elppA”. Pretty simple.

Finally, Line 128 checks if the value of “a” (username) is equal to “h3ck3rBoi“. There’s one part of our puzzle. The next part uses the reverse value of “b” (password) and compares it to the hard-coded value “54321@terceSrepuS“.

Reversing that, it’s obvious the password needed is “SuperSecret@12345“.

Use those credentials to sign into the login page, and click the “Login” button.

That concludes this tutorial. I hope you enjoyed it!

Hello, and welcome to this post detailing how to solve the TryHackMe room “What is Networking“, a beginner room marked as Easy, with an estimated time of 30 minutes to complete.

In this room, you will learn the fundamentals of computer networking.

Task 1: What is networking?

Networks are essentially anything that is connected. The example given in the room is a group of friends who share common interests or hobbies. Networks occur everywhere in real life, like the public transportation system in a city, the power grid, etc.

In the world of computers, networking is understood to mean devices that are connected together and that can communicate with one another. These devices include, but are not limited to phones, PCs, cameras, traffic lights, IOT devices, and even farming.

Question 1: What is the key term for devices that are connected together?

Task 2: What is the Internet?

The Internet is basically just a gigantic network, consisting of many smaller networks. The first iteration of the Internet started as the ARPANET project in the 1960s. It was funded by the US department of Defence.

The Internet as we know it was invented by Tim Berners-Lee, when he created the World Wide Web (WWW), and the general public started using it to share information.

The individual smaller networks are called private networks, with the networks connecting these together are called public networks. The devices on these networks use a set of labels to identify themselves.

Question 2: Who invented the World Wide Web?

Task 3: Identifying Devices on a Network

When devices are in a network, there needs to be a way to identify and track them individually, so traffic can be sent to the proper addressees. In real life, you’d have your name, city, and address to ensure that mail sent to you will reach you.

In a network, the equivalent would be an IP Address. There’s also some information about you that cannot be changed, like your fingerprint. For computers and devices, that would be the MAC (Media Access Control) address

IP Adresses

IP is short for Internet Protocol, and an IP Address is similar to your address, in that it allows for your device to be identified on a network for a period of time.

An IPv4 address is a set of numbers divided into 4 octets. IP addresses can over time be associated with different devices, but they need to be unique across the network at any point in time.

Depending on whether a device is attached to a public or private network, it will have either a public or a private IP address. A public address can be used to identify a device on the Internet.

Take the table & screenshot below as an example. Here we have two devices on a private network:

Device Name	IP Address	IP Address Type
DESKTOP-KJE57FD	192.168.1.77	Private
DESKTOP-KJE57FD	86.157.52.21	Public
CMNatic-PC	192.168.1.74	Private
CMNatic-PC	86.157.52.21	Public

These two devices will be able to use their private IP addresses to communicate with each other. However, any data sent to the Internet from either of these devices will be identified by the same public IP address. Public IP addresses are given by your Internet Service Provider (or ISP) at a monthly fee (your bill!)

With the growth of the Internet rapidly increasing in the last few decades, the amount of available IPv4 addresses was rapidly decreasing. To remedy this problem, a new version of IP Addresses was created: IPv6.

IPv6 supports up to 2^128 addresses (or 340 trillion-plus), which should allow for plenty of devices over time.

The screenshot below compares both an IPv6 and IPv4 address.

MAC Addresses

As stated earlier, every device (or host) attached to a network will have some form of a network interface. This device will have a unique address encoded into it, called a MAC address.

A MAC Address is a 12-character hexadecimal number, split in sections of 2 characters, separated by colons. An example MAC Address is a4:c3:f0:85:ac:2d. The first six characters represent the company that made the network interface, and the last six is a unique number.

One curious thing with MAC Addresses is that they can be spoofed, meaning you can fake the MAC Address to pretend to be another device. This means it’s possible to make devices believe they are communicating with trusted systems, when they really are not.

Question 3: What does the term “IP” stand for?

Question 4: What is each section of an IP address called?

Question 5: How many sections (in digits) does an IPv 4 address have?

Question 6: What does the term “MAC” stand for?

Task 4: Ping (ICMP)

Ping is an extremely valuable tool for network engineers. Ping uses ICMP (Internet Control Message Protocol) packets to verify and determine the performance of a connection between devices.

The time it takes a packet to travel between 2 devices is measured by ping. The measuring is done by using ICMP echo packets and the reply to them from the target.

You can ping either an IP address, or a web address, and the ping tool is available in most of the common Operating Systems. The simple syntax is ping 123.456.789.0.

Here we are pinging a device that has the private address of 192.168.1.254. Ping informs us that we have sent six ICMP packets, all of which were received with an average time of 4.16 milliseconds.

Question 7: What protocol does ping use?

Question 8: What is the syntax to ping 10.10.10.10?

For the last question, you will have to use the “View Site” button at the top of the task:

This will split the screen into 2 sections, with the right-hand side showing an interface where you can add an IP address to ping:

You can enter the IP address in the top bar.

Question 9: What flag do you get when you ping 8.8.8.8?

That concludes this tutorial. I hope you enjoyed it!

Welcome to WordPress. This is your first post. Edit or delete it, then start writing!