TryHackMe - Steel Mountain - Hacking Walkthrough

Thank you!! one of the best walktroughs ive seen. that little add user at the end was so neat and simple

nadavdvash

Thanks for the walkthrough, I would not have made it through without you, I took notes

EHustleEntertainment

On the manual exploit part, does the webserver have to be on port 80? I have a web server running already and was hoping to do the call back to a different port, but in the exploit I don't see where it specifies port 80.

ellerionsnow

After I upload the ASCService file, I can't restart the service. I just get an "[SC] StartService FAILED 1053: The service did not respond to the start or control request in a timely fashion." I can't figure out where I went wrong. I checked, double checked, triple checked the msfvenom command. Verified upload, verified copy, and verified the service was stopped.

CybrTechGuy

Perfect example of what a Walkthrough should be, with all the ocurrences that may happend (like lagging when you tab the "set payload windows/..."), it happend exactly the same to me.
Thanks!

laureanocavallo

Thanks for the walkthru. It helps a lot.!

danielv

at 8.45 what do you mean upload from the directory that you have powerup???? do you have it by default????
(you didn't show the part where you downloaded it if you did it)

robertlean

Good videos dude, liked and subscribed!

pwnd_drt

Anyone know why I never get a response from the python simple httpserver ? The server is up serving on my tun0 IP address for the THM vpn and I can view the files in a browser, but when I run the python file exactly how is done in this video I get no response from the http server. I think this happens in other situations I've tried to do similar things..

Sam-uxrw

Thanks for this video! I was messing up on the msfvenom creation and upload part -> I was putting in the wrong IP address in the msfvenom command and just generally screwing up the upload and overwrite lol. Thanks again! Great video!

Side note -> I saw that you're a SOC Engineer on your website. I have an interview for a Red Team Operator position with JPMorgan on Tuesday. Do you have tips for the interview that I could use? Thanks again for your help and this video.

dropcake

Thank you for the video. Do you think you would ever do hack the box videos?

hamu.u

wondering if the lab has been updated. I cannot replace ASCService.exe, no rights to do so. I can copy the payload to IObits/Advanced.exe and then execute the "space" in the path exploit. by restarting the service.

swordfishinc

Thanks for video. I learned powershell -c and wget . THM's machines is not stabil always connection lost or not exploitable and later try again exploitable!

ohmatokito

Awesome content my friend gave that like for the support ❤️👍🏻😎

danghost

i cant catch the shell with nc. I do receive a connection but after some time target says: "The service did not respond to the start or control request in a timely fashion." and nc listener closes. With the msf muti handler it works fine. Any ideas ?

ericwenzel

I keep getting the following error: "The service did not respond to the start or control request in a timely fashion" after trying to restart the service with the msfvenom shell. Have been stuck on this part for a while now. Any tips?

giovannitomczak

Hey, great video! And don't listen to anyone, say meterpreter how you want :P

okb

Hi. When i try to exploit the Rejetto remote command execution on metasploit, it says "Exploit Completed but no session was created".

toxic_sorry_

use net stop or net start ... sc did not work for me

jjjww

Great video thx!
You should speak louder

canberkefe