TryHackMe Brooklyn Nine Nine Walkthrough Tutorial

Channel:

Guided Hacking

Subscribers:

178,000

Published on April 15, 2021 4:09:07 PM ● Video Link: https://www.youtube.com/watch?v=Y7uIKV0egcE

Game:

Nine Nines (2024)

Category:

Walkthrough

Duration: 7:50

3,764 views

0

This Brooklyn Nine-Nine tutorial walks you through all the intended methods to successfully root this box from TryHackMe Brooklyn Nine-Nine box by showing all the methods and going through in detail on what you can do to achieve to root this machine.

Discussion: https://guidedhacking.com/threads/tryhackme-brooklyn-nine-nine-walkthrough.17053/
Donate on our Forum : http://bit.ly/2HkOco9
Support us on Patreon : http://bit.ly/38mnveC

TryHackMe is an online platform that uses short, gamified real-world labs to teach cybersecurity. TryHackMe has content for complete beginners as well as experienced hackers, with guides and challenges to accommodate various learning styles. The Brooklyn Nine-Nine task is an exercise on the TryHackMe platform which tests the learner’s ability to exploit a vulnerable web server. The exercise was successfully completed as follows

This Brooklyn Nine-Nine tutorial walks you through all the intended methods to successfully root this box from TryHackMe Brooklyn Nine-Nine box by showing all the methods and going through in detail on what you can do to achieve to root this machine.

TryHackMe is an online platform that uses short, gamified real-world labs to teach cybersecurity. THM has content for complete beginners as well as experienced hackers, with guides and challenges to accommodate various learning styles. The Brooklyn Nine-Nine task is an exercise on the TryHackMe platform which tests the learner’s ability to exploit a vulnerable web server. The exercise was successfully completed as follows

The first method of this TryHackMe Brooklyn Nine Nine Walkthrough:

Nmap is run with the command 'nmap -sV -Pn 10.10.232.158' to view all open ports on the remote server. The response from the Nmap scan reveals that ‘80’ (HTTP) and ‘22’ (SSH) , and '21' (FTP) are open. Now we used the 'ftp' service and we have successfully got into the system by exploitable a misconfiguration that allows Anonymous login.

We listed the files by doing 'ls' and we see a txt file then I used the 'get' command to download the 'txt' file on my system and then I read the contents of the file and it gave us a hint that the username "jake" has a weak password. so what we did was Bruteforce the ssh password for the username jake using a famous tool called hydra.

We have successfully brute-forced the password, and we have successfully gained access to the server on the SSH service, and as you can see we got our user flag. that was found in the /home/holt/ directory

Now we need to privilege escalate to gain root access so I started enumeration sudo permissions by running the command sudo -l by doing that I Have found that we the less command can be executed with sudo permissions, yes right it feels good to see this as a hacker. Now I directly went to a site called GTFOBins which has a curated list of Unix binaries that can used to bypass local security restrictions in misconfigured systems. and I have found a command that exploits the less command and was able to gain root on the system.

The second method of this TryHackMe Brooklyn Nine Nine tutorial:

Nmap is run with the command 'nmap -sV -Pn 10.10.232.158' to view all open ports on the remote server. The response from the Nmap scan reveals that ‘80’ (HTTP) and ‘22’ (SSH) , and '21' (FTP) are open. I directly went and started enumerating the web server that is running on port 80 it had a default page. Nothing was really intresting just the Brooklyn Nine Nine series cover. then I checked the source of the page by doing 'CTRL+U' Then a message was found that said "Have you ever heard of steganography?" , I quickly came back to the main page and downloaded the Brooklyn Nine Nine series cover that was found on the webpage.

I used a tool called steghide to extract the hidden files in the image by running 'steghide extract -sf brooklyn.jpg` and then we got an error because the image was password protected. So I used a tool called stegcracker that cracked the password using the rockyou.txt file and we have successfully extracted the secret messaged embedded into the image and we got Holts password. Then I got access to the remote server by logging in through SSH. and if we do ls we will get the user flag.

Now we need to privilege escalate to gain root access so I started enumeration sudo permissions by running the command sudo -l by doing that I Have found that we can use /bin/nano with sudo permissions.Now I directly went to a site called GTFOBins which has a curated list of Unix binaries that can used to bypass local security restrictions in misconfigured systems. and I have found a command that exploits nano by opening a shell inside the nano editor. and I was able to gain root.

Follow us on Facebook : http://bit.ly/2vvHfhk
Follow us on Twitter : http://bit.ly/3bC7J1i
Follow us on Instagram : http://bit.ly/2SoDOlu
#TryHackMe #PenetrationTesting #EthicalHacking

Other Statistics