Overpass 2 - Hacked, developed by NinjaJc01, is the sequel to the Overpass series, however, with a DFIR feel and approach towards it. Fortunate for me, this room doesn’t require having completed the first - although I imagine some of the story is wasted on me.

I decided to create a writeup this room in particular for a few reasons:

• Forensics is always a welcome surprise to me
• It’s a great practice room for people who are familiar with network forensics - whilst being approachable for people who are new.
• A large majority of the recognised write-ups are “brain dumps” in my opinion, not explaining any logic or thought - but just stating fact. Which isn’t necessarily bad per se, but for walkthrough rooms there’s always just that bit missing.

I’ll be using TShark - or terminal Wireshark and explaining my thoughts behind the process (filter commands included!)

The following is my reflections and thoughts of TryHackMe’s brand new lab “Throwback”, the first implementation of their “Networks” system. Please prepare for spoilers.

I haven’t had the time nor opportunity to experience pentesting any sort of simulated network such as a Windows corporate environment, only on the sysadmin side of things - so this quite the journey.

This fun-themed room has two point of entries, aimed at teaching you how to utilise a deserialization attack.