This repository contains my comprehensive walkthrough and write-up for the ICE room on TryHackMe. This room focuses on exploiting a vulnerable Windows machine, leveraging misconfigured services, and performing post-exploitation privilege escalation using the Metasploit Framework and Mimikatz.
`THM_ICE_Writeup.pdf` - Complete step-by-step PDF document covering enumeration, exploitation, and post-exploitation.
- Reconnaissance & Enumeration: Detailed port scanning and service banner grabbing utilizing `nmap`.
- Vulnerability Analysis: Investigating CVE-2004-1561 affecting old versions of the Icecast streaming media server.
- Initial Access: Utilizing Metasploit (`msfconsole`) to deploy a payload and obtain a `meterpreter` shell.
- Privilege Escalation: Running local exploit suggesters, migrating processes to `NT AUTHORITY\SYSTEM`, and bypassing security controls.
- Credential Harvesting: Using the `Kiwi` (Mimikatz) extension to dump hashes and cleartext passwords from memory.