Project Summary

This project documents my successful exploitation of the MS17-010 (EternalBlue) vulnerability on a Windows target in the TryHackMe Blue room. I completed all key phases, from reconnaissance and exploitation to privilege escalation and flag capture, and, as an enhancement, I personally added a post-exploitation cleanup phase to simulate a realistic attack workflow. This work enhanced my hands-on penetration testing skills and deepened my understanding of both offensive and defensive cybersecurity tactics.

🔗 View the TryHackMe Blue Room

Introduction

Welcome! This write-up walks you through my detailed technical journey inside the TryHackMe Blue room, where I explored the exploitation of the MS17-010 (EternalBlue) vulnerability on Windows systems.

While the room itself isn’t officially classified as a full boot2root CTF, I approached it as a comprehensive attack simulation. I carefully worked through each stage, from reconnaissance and exploitation to privilege escalation, following a structured workflow designed to mimic real-world attacker behavior.

Beyond simply capturing the three required flags, I deliberately expanded the exercise by adding a post-exploitation cleanup phase. This allowed me to explore how an attacker might attempt to cover their tracks by clearing logs and removing artifacts, transforming the experience into a more thoughtful and realistic learning project.

Whether you’re a fellow learner, a cybersecurity enthusiast, or a hiring manager reviewing this as part of my portfolio, I invite you to follow along through this technical walkthrough. I hope it offers valuable insights, highlights my commitment to continuous growth, and provides a clear look at how I approach challenges in the evolving field of cybersecurity.

Note: This write-up includes all the answers to the TryHackMe tasks but presents them through detailed explanations and walkthroughs, rather than as a simple step-by-step answer list. This approach respects TryHackMe’s learning integrity while highlighting my process, reasoning, and technical growth.

Tools I Used

Setup

Throughout this whole project, I worked my way through each task using the TryHackMe target machine and the AttackBox to attack my target, ensuring that everything I used was in a safe environment.

Target and AttackBox IP Addresses:


| System | IP Address |
| --- | --- |
| Target Machine | 10.10.82.245 |
| AttackBox | 10.10.29.213 |