V2.8: RustScan, Ciphey & Housekeeping - (Current) - 22/02/2021
We've updated and included a few popular tools that are long overdue & performed a bit of housekeeping. Notably:
- Everyone's favourite RustScan (2.0.0) has been set up on the machine. Learn how to use it here (please note that we are not providing support for this tool -- it has been installed due to popularity). We've added an "alias" to make your life easier. For example, you can scan a target using rustscan -a vulnerable_thm_instance_ip_here
- Updated the locally running install of CyberChef (this means that non-subscribers can use CyberChef without internet access - access via the bookmark in Firefox!)
- Updated WPScan's database - now it won't complain to you (for now anyway...)
- A few other miscellaneous updates to keep the AttackBox nice and fresh!
The AttackBox has also had a new face change! Out with the gradient-patterned background -- in with the THM background. Minimalism meets corporate branding 😎
Have a deploy & let us know your thoughts/suggestions via our feedback form! 😎
V2.7: Auto-joining Networks (THM Networks prep) - 12/02/2021
Whilst the AttackBox has always been on the TryHackMe network (requiring no VPN to access normal rooms) - this never applied to networks such as Throwback (where you would have to download your Throwback VPN file onto the machine)
We're glad to announce that the AttackBox now automatically downloads & connects to the TryHackMe networks that your account has access to. For example, Holo and Wreath below:
You can view your IP address for the network you wish to work through using the normal access page or via system commands ip addr or ifconfig. Please do not run these using OpenVPN - the AttackBox automatically does this for you.
AoC 2020 - (02/12/2020)
- Installed CyberChef locally so that non-subscribers can use this tool without any internet access. Simply click the bookmark in Firefox like normal
- Added PHP reverse shells (/usr/share/wordlists) & other AoC documents (this will be updated as the days progress to avoid spoilers)
- More Wordlists (/usr/share/wordlists)
V2.1: Starkiller & Empire (Pre-AoC 2020) - 30/10/2020
Fixed Starkiller & Empire which did not previously work due to issues with compatibility on the operating system. Empire has been moved to Docker, instructions for use are placed in /root/Instructions/empire-starkiller.txt
V2: The Fixed Metasploit Edition - 24/10/2020
Apologies for the delay in getting this breaking issue resolved... Implementing a fix that wouldn't drastically disrupt how users interact with the AttackBox wasn't easy. Happy hacking!
Resolved an issue where the PostgreSQL database for Metasploit had a high chance of failing to connect, meaning things like db_nmap could not be used. This was due to conflicts & various configurations needed to "hack" Metasploit into allowing the "root" user to use Metasploit.
Please do not use "msfdb init" to initialise the database as it will not work. The database is now automatically initialised in a specific way to resolve the aforementioned issue. You can verify that the database is connected by using "db_status" in the Metasploit console - as illustrated below:
An unsuccessful connection would look like the following screenshot:
Small QoL improvements.
V1.2 - 02/09/2020
Re-installed John to include the full set of tools and Hashcat with the correct OpenCL runtimes for AWS. You no longer need to use "--force" with Hashcat and will no longer risk false negatives/positives. They can be found in /opt/john and /opt/hashcat respectively.
The THM IP address of your machine is now displayed in the top navbar of the Desktop, like so:
V1.1 - 01/09/2020
Removed Metasploit 6 and installed Metasploit 5-101 for site compatibility after Rapid7 recommended that Metasploit 6 not be shipped to Kali & ParrotOS
"Empire" and "Starkiller" for the release of THM Networks
Installed Docker, Docker Compose, GoBuster, Pwntools, JD-GUI and JADX
Updated and upgraded "APT cache"
"Tools" and "Wordlists" to file explorer bookmarks:
Removed / Fixed:
Errors when "apt updating" due to broken/expired apt sources
V1 - Base