Summary
- The blog highlights a popular beginners’ security contest on TryHackMe called Brooklyn 99, using a pentesting (penetration testing) approach.
- The author first scanned the target network’s ports using Nmap to find open ports; 21 (FTP), 22 (SSH), and 80 (HTTP).
- Next, they conducted an intensive probe of the website on port 80, using Gobuster which brute-forces directories and files.
- Turning to the FTP service, they connected anonymously and grabbed a file called “note_to_jake.txt,” which yielded a clue about users Jake and Amy.
- Using Hydra, a brute-force password tool, anonymous access was obtained for SSH on port 22 as user Jake, thanks to Jake’s password being cracked.
- Using sudo -l showed the command less could be abused to escalate privileges, and consulting GTFOBins provided an exploit to achieve this.
- Finally, with elevated privileges (sudo) captured the root flag and thereby completed the challenge.
By Prajwal
Original Article