Dig Dug | TryHackMe Walkthrough

Briefing:

The machine we are attacking is a DNS server. A DNS server simply assigns a domain, like google.com, to an IP.

To attack the machine, we have to be in the same network. You can either connect using OPENVPN and your configuration file (found here),

or deploy the free attack box by pressing the blue “Start attack box” button.

First step clear, we are in the network.

When we start the machine (press the green “Start Machine” button) we get the IP.

Yours is different!!

Now we know our target.

When we read the introduction, we see, that we have to make a special request for a givemetheflag.com domain. But how do we do it?

Research and attack

Luckily, there are a few other rooms linked.

If we read through “Passive Reconnaissance” we discover this:

Hmmm, seems interesting. Let’s execute it.

Our SERVER is the IP we got to attack (in my case 10.10.43.202) and our DOMAIN_NAME is givemetheflag.com. So the command is:

nslookup givemetheflag.com 10.10.43.202

And there it is. Congratulation, you completed the room!

If we scroll down a little bit, we find the dig syntax:

Dig does nearly the same, but more advanced. If you want to complete the challenge using dig, this will be the syntax:

dig @10.10.43.202 givemetheflag.com

We got the flag, but also a lot more information.