Sws101_ctf3

Topic : Dig Dug

Overview

In the “Dig Dug” room on TryHackMe, the objective is to retrieve a flag from a DNS server by making a special DNS request. This involves using DNS enumeration tools to interact with the server and extract the necessary information.

Step-by-Step Solution

1. Start the Machine

To begin, we need to deploy both the vulnerable machine and the TryHackMe AttackBox. Press the green “Start Machine” button to deploy the DNS server, and the blue “Start AttackBox” button to deploy the AttackBox.

2. Get the IP Address of the VM

Once the machine is up and running, note down the IP address of the target DNS server. This can be found on the TryHackMe interface. In case, the IP address is 10.10.43.202.

3. Understand the Task

We need to make a special request for the domain givemetheflag.com to the DNS server at 10.10.43.202.

4. Perform DNS Enumeration Using nslookup

We start by using nslookup to query the DNS server.

5. Perform DNS Enumeration Using dig

For a more detailed query, we can use the dig command. This command provides more comprehensive details about the DNS response, including additional information that nslookup might not show.

The response from the dig command should include the flag.

Summary

This rooom involves deploying a VM, performing DNS enumeration using nslookup and dig, and analyzing the responses to find the flag. These task not only helps in understanding basic DNS queries but also in recognizing how to handle DNS servers in a penetration testing environment.