Bounty Hacker | TryHackMe Writeup


Bounty Hacker is a easy Linux-based machine in tryhackme

User Part

Start with nmaper scan found 3 open ports

Anonymous FTP is allowed, so lets check FTP

I got 2 files from FTP, 1 contains password list and 1 contains username

I checked for ssh brute-forcing and i got correct password

i tried that credentials and got shell, also got user flag

Root Part

I checked for the commands that I can run with root privilege

i used GTFOBins for privilege escalation

i got root shell and root flag as well

Share on facebook
Share on twitter
Share on linkedin