25 Days of Cyber Security | Day 1

Workstation
Virtual Box	VMware Fusion 12.1.1
OS	kali-linux-2021.1

[Day 1] A Christmas Crisis

Introduction

Hi there - your security journey starts here!

The aim of this room is to give you a brief introduction to the technical aspects in Cyber Security by completing a single task every day for 25 days(you can do them at your own pace too). Each task is beginner friendly and assumes no prior knowledge about the specific topic. You'll be learning about the following topics:

• Web Application Security
• Network Security
• Scripting
• Open Source Intelligence (OSINT)
• Defensive Security

After completing this room, you should have an idea about what particular areas of cyber security excite you.

Note: This room is inspired by a Christmas themed event we ran, so do not be alarmed with all the Christmas references!

---

 

Get Connected

On TryHackMe you'll learn by deploying and hacking virtual machines

Lets deploy your AttackBox, a web-based machine used to attack other machines.

 

1. Click the blue "Start AttackBox" button at the top of this room. As a free user you can only deploy the AttackBox for 1 hour per day - Subscribe to remove this limit.

2. Deploy the machine shown on this task and wait 1 minute for it to configure.

3. Copy the IP of the machine that you deployed on this task.

4. Paste the IP into the AttackBox machine's Firefox.

 

Connect to OpenVPN or Deploy The Attack Box

 

1. Click Access Machines

2. Click OpenVPN

3. Click Download

4. Connect OpenVPN

---

Web Exploitation A Christmas Crisis

"The Best Festival Company's brand new OpenVPN server has been hacked. This is a crisis!

 

The attacker has damaged various aspects of the company infrastructure -- including using the Christmas Control Centre to shut off the assembly line!

 

It's only 24 days until Christmas, and that line has to be operational or there won't be any presents! You have to hack your way  back into Santa's account (blast that hacker changing the password!) and getting the assembly line up and running again, or Christmas will be ruined!"

 

*After giving you the assignment, McSkidy hands you the following dossier of important information for the task. Before reading it, you press the big green "Deploy" button to start the Control Centre, as well as the "Start AttackBox" button at the top of the page *

---

Deploy your AttackBox (the blue "Start AttackBox" button) and the tasks machine (green button on this task) if you haven't already. Once both have deployed, open FireFox on the AttackBox and copy/paste the machines IP into the browser search bar.

Register for an account, and then login.

What is the name of the cookie used for authentication?

auth

In what format is the value of this cookie encoded?

Hexadecimal

Having decoded the cookie, what format is the data stored in?

JSON

Figure out how to bypass the authentication.

What is the value of Santa's cookie?

7b22636f6d70616e79223a22546865204265737420466573746976616c20436f6d70616e79222c2022757365726e616d65223a2273616e7461227d

Now that you are the santa user, you can re-activate the assembly line!

What is the flag you're given when the line is fully active?

THM{MjY0Yzg5NTJmY2Q1NzM1NjBmZWFhYmQy}