TryHackMe – Tutorial – Walkthrough

This room is a short introduction to rooms on TryHackMe and how to spin-up the virtual machines (VMs) that are needed to complete tasks.

Many tasks on THM require using two VMs at once, so this room provides a short introduction to an important but easy task. Completing this room requires you to click two buttons and navigate to an IP address using a web browser.

This room can be found at: https://tryhackme.com/room/tutorial

Walkthrough

Task 1 – Starting Your First Machine

A virtual machine (VM) is an emulation of a computer. A VM provides the functionality of a computer without having to physically possess another computer. TryHackMe uses virtual machines to allow us to practice lots of different activities. This often requires at least two machines: one that we are attacking, and one that we are using to attack.

There are two virtual machines that you need to spin-up in order to complete this room:

(1) The AttackBox, which can be accessed by clicking the blue ‘Start AttackBox’ button at the top of the room.

(2) The deployable machine in Task 1 (called ‘Test Machine’), which is accessed by clicking the green ‘Start Machine’ button at the top of the Task.

The AttackBox will open in a side view, allowing you access to a Kali Linux machine. This is the machine that we use on TryHackMe to attack other machines.

Virtual machines from tasks (like the one we just started) open up a card at the top of the room with information about the machine’s name and IP address. Whenever we open a machine in a task, we are usually doing so in order to attack that machine using our AttackBox.

In this room, we need to access our deployable machine from our AttackBox. Open the Firefox web browser on the AttackBox.

Next, type ‘http://<IP>’ into the location bar in Firefox, replacing ‘<IP>’ with the IP address of the deployed machine. This IP address can be found in the card at the top of the room.

We can do so by using the Firefox web browser on the AttackBox and navigating to the IP address of the deployable machine.

Question 1

Follow the steps in this task. What is the flag text shown on the website of the machine you started on this task? A flag is just a piece of text that’s used to verify you’ve performed a certain action. In security challenges, users are asked to find flags to prove that they’ve successfully hacked a machine

Walkthrough:

Flag, i.e. capture the flag.

The flag will be on the webpage, just below ‘You can access TryHackMe machines!’.

Answer:

(Highlight below to see answer):

flag{connection_verified}

Conclusion

This short room does a good job of introducing an essential skill that might be confusing to beginners. Thankfully TryHackMe does a good job of making it super easy to access the VMs with the press of a button, which quickly becomes second nature.

A huge thanks to tryhackme for putting this room together!