Room Name: Common Attacks Room Link: https://tryhackme.com/room/commonattacks
What was the original target of Stuxnet?
The Iran Nuclear Programme
The static site will display a series of emails and text messages. You will be asked to identify which of these messages are genuine and which are phishing attempts. Once you have successfully identified all of the messages you will be presented with a flag to enter, here.
Good luck!
What is the flag?
THM{I_CAUGHT_ALL_THE_PHISH}
[Research] What currency did the Wannacry attackers request payment in?
Bitcoin
Look at the "Current Word / Hash" section of the hash cracker.
Notice that for each word in the list you entered, the cracker is creating an MD5 hash of the word then comparing it to the Target Hash. If the two hashes match then the password has been found!
The hash cracker should find the password that matches the target hash very quickly.
What is the password?
TryHackMe123!
Where you have the option, which should you use as a second authentication factor between SMS based TOTPs or Authenticator App based TOTPs (SMS or App)?
App
What is the minimum number of up-to-date backups you should make?
3
Of these, how many (at minimum) should be stored in another location?
1