Operation Coldstart TryHackMe CTF Walkthrough
📰 Medium · Cybersecurity
Learn to solve the Operation Coldstart CTF challenge on TryHackMe by following a step-by-step walkthrough, improving your network reconnaissance and vulnerability exploitation skills.
Action Steps
- Update your local DNS to access the staging server using the command 'echo 10.48.175.56 coldstart.thm >> /etc/hosts'
- Run an Nmap scan to discover open ports and services using 'nmap -sS -sC -sV -p- coldstart.thm'
- Analyze the scan results to identify potential vulnerabilities
- Exploit the identified vulnerabilities to gain access to the system
- Use the gained access to explore the system and find flags or complete the challenge objectives
Who Needs to Know This
This walkthrough is beneficial for cybersecurity teams, particularly those involved in penetration testing and vulnerability assessment, as it provides hands-on experience with network reconnaissance and exploitation techniques.
Key Insight
💡 Network reconnaissance and vulnerability exploitation are crucial skills for cybersecurity professionals, and this walkthrough provides practical experience with these techniques.
Share This
Solve the Operation Coldstart CTF challenge on TryHackMe with this step-by-step walkthrough #CTF #TryHackMe #Cybersecurity
Full Article
Title: Operation Coldstart TryHackMe CTF Walkthrough
URL Source: https://medium.com/@C09N1T1V3/operation-coldstart-tryhackme-ctf-walkthrough-7f6290fc1b80?source=rss------cybersecurity-5
Published Time: 2026-06-20T08:38:23Z
Markdown Content:
[Sitemap](https://medium.com/sitemap/sitemap.xml)
[Open in app](https://play.google.com/store/apps/details?id=com.medium.reader&referrer=utm_source%3DmobileNavBar&source=post_page---top_nav_layout_nav-----------------------------------------)
Sign up
[Sign in](https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fmedium.com%2F%40C09N1T1V3%2Foperation-coldstart-tryhackme-ctf-walkthrough-7f6290fc1b80&source=post_page---top_nav_layout_nav-----------------------global_nav------------------)
[](https://medium.com/?source=post_page---top_nav_layout_nav-----------------------------------------)
Get app
[Write](https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---top_nav_layout_nav-----------------------new_post_topnav------------------)
[Search](https://medium.com/search?source=post_page---top_nav_layout_nav-----------------------------------------)
Sign up
[Sign in](https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fmedium.com%2F%40C09N1T1V3%2Foperation-coldstart-tryhackme-ctf-walkthrough-7f6290fc1b80&source=post_page---top_nav_layout_nav-----------------------global_nav------------------)

# Operation Coldstart TryHackMe CTF Walkthrough
[](https://medium.com/@C09N1T1V3?source=post_page---byline--7f6290fc1b80---------------------------------------)
[C09N1T1V3](https://medium.com/@C09N1T1V3?source=post_page---byline--7f6290fc1b80---------------------------------------)
Follow
3 min read
·
Jun 20, 2026
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F7f6290fc1b80&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40C09N1T1V3%2Foperation-coldstart-tryhackme-ctf-walkthrough-7f6290fc1b80&user=C09N1T1V3&userId=dfaff30a09b1&source=---header_actions--7f6290fc1b80---------------------clap_footer------------------)
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Frepost%2Fp%2F7f6290fc1b80&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40C09N1T1V3%2Foperation-coldstart-tryhackme-ctf-walkthrough-7f6290fc1b80&user=C09N1T1V3&userId=dfaff30a09b1&source=---header_actions--7f6290fc1b80---------------------repost_header------------------)
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F7f6290fc1b80&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40C09N1T1V3%2Foperation-coldstart-tryhackme-ctf-walkthrough-7f6290fc1b80&source=---header_actions--7f6290fc1b80---------------------bookmark_footer------------------)
[Listen](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2Fplans%3Fdimension%3Dpost_audio_button%26postId%3D7f6290fc1b80&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40C09N1T1V3%2Foperation-coldstart-tryhackme-ctf-walkthrough-7f6290fc1b80&source=---header_actions--7f6290fc1b80---------------------post_audio_button------------------)
Share
Wake up the staging server everyone left behind.

To interact with it, first updated my local DNS:
echo "10.48.175.56 coldstart.thm" >> /etc/hosts
Press enter or click to view image in full size

## Step 1: Network Reconnaissance
With the server accessible, ran an **Nmap scan** to discover open ports and services:
nmap -sS -sC -sV -p- coldstart.thm
* `-sS`: Stealth SYN scan
* `-sC`: Default scripts
* `-sV`: Service version detection
* `-p-`: Scan all 65,535 ports
P
URL Source: https://medium.com/@C09N1T1V3/operation-coldstart-tryhackme-ctf-walkthrough-7f6290fc1b80?source=rss------cybersecurity-5
Published Time: 2026-06-20T08:38:23Z
Markdown Content:
[Sitemap](https://medium.com/sitemap/sitemap.xml)
[Open in app](https://play.google.com/store/apps/details?id=com.medium.reader&referrer=utm_source%3DmobileNavBar&source=post_page---top_nav_layout_nav-----------------------------------------)
Sign up
[Sign in](https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fmedium.com%2F%40C09N1T1V3%2Foperation-coldstart-tryhackme-ctf-walkthrough-7f6290fc1b80&source=post_page---top_nav_layout_nav-----------------------global_nav------------------)
[](https://medium.com/?source=post_page---top_nav_layout_nav-----------------------------------------)
Get app
[Write](https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---top_nav_layout_nav-----------------------new_post_topnav------------------)
[Search](https://medium.com/search?source=post_page---top_nav_layout_nav-----------------------------------------)
Sign up
[Sign in](https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fmedium.com%2F%40C09N1T1V3%2Foperation-coldstart-tryhackme-ctf-walkthrough-7f6290fc1b80&source=post_page---top_nav_layout_nav-----------------------global_nav------------------)

# Operation Coldstart TryHackMe CTF Walkthrough
[](https://medium.com/@C09N1T1V3?source=post_page---byline--7f6290fc1b80---------------------------------------)
[C09N1T1V3](https://medium.com/@C09N1T1V3?source=post_page---byline--7f6290fc1b80---------------------------------------)
Follow
3 min read
·
Jun 20, 2026
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F7f6290fc1b80&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40C09N1T1V3%2Foperation-coldstart-tryhackme-ctf-walkthrough-7f6290fc1b80&user=C09N1T1V3&userId=dfaff30a09b1&source=---header_actions--7f6290fc1b80---------------------clap_footer------------------)
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Frepost%2Fp%2F7f6290fc1b80&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40C09N1T1V3%2Foperation-coldstart-tryhackme-ctf-walkthrough-7f6290fc1b80&user=C09N1T1V3&userId=dfaff30a09b1&source=---header_actions--7f6290fc1b80---------------------repost_header------------------)
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F7f6290fc1b80&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40C09N1T1V3%2Foperation-coldstart-tryhackme-ctf-walkthrough-7f6290fc1b80&source=---header_actions--7f6290fc1b80---------------------bookmark_footer------------------)
[Listen](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2Fplans%3Fdimension%3Dpost_audio_button%26postId%3D7f6290fc1b80&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40C09N1T1V3%2Foperation-coldstart-tryhackme-ctf-walkthrough-7f6290fc1b80&source=---header_actions--7f6290fc1b80---------------------post_audio_button------------------)
Share
Wake up the staging server everyone left behind.

To interact with it, first updated my local DNS:
echo "10.48.175.56 coldstart.thm" >> /etc/hosts
Press enter or click to view image in full size

## Step 1: Network Reconnaissance
With the server accessible, ran an **Nmap scan** to discover open ports and services:
nmap -sS -sC -sV -p- coldstart.thm
* `-sS`: Stealth SYN scan
* `-sC`: Default scripts
* `-sV`: Service version detection
* `-p-`: Scan all 65,535 ports
P
DeepCamp AI