Setup for THM AD
Connecting to the network
Download the VPN config file from THM and use it to connect:
sudo openvpn --config ./<some assigned code>-exploitingad.ovpn --daemon
Check the PID (you should get a number; if you do not, the connection did not work):
sudo ps aux | grep -v grep | grep -i <some assigned code>-exploitingad.ovpn | awk -v FS=' ' '{print $2}'
Edit DNS configuration
Set your DNS IPv4 to the IP address of the THMCHILDDC in the network diagram (also add 1.1.1.1 for connections to the internet) and run:
sudo systemctl restart NetworkManager
Test hostname lookups
$ dig thmdc.za.tryhackme.loc
; <<>> DiG 9.18.7-1-Debian <<>> thmdc.za.tryhackme.loc
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 468
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;thmdc.za.tryhackme.loc. IN A
;; ANSWER SECTION:
thmdc.za.tryhackme.loc. 1200 IN A 10.200.60.101
;; Query time: 40 msec
;; SERVER: 10.200.60.101#53(10.200.60.101) (UDP)
;; WHEN: Mon Nov 07 14:15:34 GMT 2022
;; MSG SIZE rcvd: 67
And:
$ nslookup google.com
;; communications error to 10.200.60.101#53: timed out
;; communications error to 10.200.60.101#53: timed out
;; communications error to 10.200.60.101#53: timed out
Server: 1.1.1.1
Address: 1.1.1.1#53
Non-authoritative answer:
Name: google.com
Address: 216.58.214.78
;; communications error to 10.200.60.101#53: timed out
;; communications error to 10.200.60.101#53: timed out
;; communications error to 10.200.60.101#53: timed out
Name: google.com
Address: 2a00:1450:4007:818::200e
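The lookup test above can be scripted. This is an added example, not part of the original notes: check_dig is a hypothetical helper that accepts a dig reply only if it is NOERROR, contains an A record for the name, and was answered by the lab DNS server rather than 1.1.1.1. The first sample is trimmed from the dig output above, the second is constructed.

```bash
# check_dig NAME EXPECTED_SERVER   (reads `dig NAME` output on stdin)
# Succeeds only if the reply is NOERROR, carries an A record for NAME,
# and was answered by EXPECTED_SERVER (the lab DNS server, not 1.1.1.1).
check_dig() {
    awk -v name="$1." -v server="$2" '
        /->>HEADER<<-/ && /status: NOERROR/ { ok = 1 }
        # Answer lines look like: <name> <ttl> IN A <address>
        tolower($1) == tolower(name) && $3 == "IN" && $4 == "A" { addr = $5 }
        # Footer line: ;; SERVER: <ip>#53(<ip>) (UDP)
        $2 == "SERVER:" { split($3, s, "#"); from = s[1] }
        END {
            if (!ok)            { print "FAIL: status is not NOERROR"; exit 1 }
            if (addr == "")     { print "FAIL: no A record for " name; exit 1 }
            if (from != server) { print "FAIL: answered by " from; exit 1 }
            print "OK: " name " -> " addr " via " from
        }'
}

# Reply copied from the lookup test on this page (trimmed).
good_reply() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 468
;; QUESTION SECTION:
;thmdc.za.tryhackme.loc. IN A
;; ANSWER SECTION:
thmdc.za.tryhackme.loc. 1200 IN A 10.200.60.101
;; SERVER: 10.200.60.101#53(10.200.60.101) (UDP)
EOF
}

# Constructed reply: the query fell through to the public resolver.
fallthrough_reply() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1111
;; QUESTION SECTION:
;thmdc.za.tryhackme.loc. IN A
;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
EOF
}

good_reply | check_dig thmdc.za.tryhackme.loc 10.200.60.101
fallthrough_reply | check_dig thmdc.za.tryhackme.loc 10.200.60.101 || true
# Live use: dig thmdc.za.tryhackme.loc | check_dig thmdc.za.tryhackme.loc <DNS server IP>
```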
Request credentials
Get your credentials from http://distributor.za.tryhackme.loc/creds.
Jump in
You can now log in either with ssh, for example:
$ ssh za.tryhackme.loc\\<AD Username>@thmwrk1.za.tryhackme.loc
Or by RDP:
$ xfreerdp /v:thmwrk1.za.tryhackme.loc /u:'<AD Username>' /p:'<AD Password>'