TryHackMe | Agent Sudo Walkthrough

You found a secret server located under the deep sea. Your task is to hack inside the server and reveal the truth.

This walkthrough is written as part of the Master Certificate in Cybersecurity (Red Team) that I am pursuing from HackerU.

Reconnaissance

Starting with an nmap scan.

We have 3 open ports (21, 22 and 80). As port 80 is open, we know there is a web page, and we can also use the SSH service to log in to the machine if we get the credentials.

Here we have a hint, “codename as user-agent”, and the codenames are single letters, as we see in the above screenshot: Agent R.

Intercepting the traffic in Burp and using Intruder to change the User-Agent until we get a hit.

For the letter C we get a hit.

Using this as the User-Agent.

Here we get a username: chris.

Using hydra to crack the FTP password for chris:

hydra -l chris -P /usr/share/wordlists/rockyou.txt <IP> ftp 21

Successfully logged in to the system.

Downloading the files to the host system and inspecting them:

get <filename>

Checking To_agentJ.txt, we see that the password is stored in the pictures.

Using binwalk:

binwalk cutie.png -e

Found 4 files.

Cracking the .zip file using zip2john:

zip2john 8702.zip >test.txt

Cracking the hash in test.txt using john, we find the password to open the zip file.

Extracting 8702.zip using 7z:

7z e 8702.zip

cat To_agentR.txt

Used CyberChef to crack the hint.

Used steghide to extract the hidden message:

steghide extract -sf cute-alien.jpg

Found the password for agent James.

Using the above information to log in over SSH as user James with the password we found:

ssh james@<targetip>

User_flag.txt

Checking for privileges

sudo -l

Got root access

sudo -u#-1 /bin/bash

root.txt
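A defender's view of that last step, as an added example that is not part of the original walkthrough: sudo releases before 1.8.28 treat the user IDs -1 and 4294967295 as 0 when a rule's Runas list contains ALL, so a `!root` exclusion does not hold. The Python below audits sudoers text for such rules and flags the matching `USER=#...` entries in sudo's log. The sudoers fragment, the log lines and the function names are constructed for illustration, and the `(ALL, !root)` rule shape is an assumption, since the page does not show the `sudo -l` output.

```python
import re

# Constructed sudoers fragment (assumed rule shape; not taken from the room).
SAMPLE_SUDOERS = """\
james ALL=(ALL, !root) /bin/bash
alice ALL=(ALL:ALL) ALL
bob   ALL=(www-data) /usr/bin/systemctl restart nginx
%ops  ALL=(ALL,!root) NOPASSWD: /usr/bin/less
"""

# Constructed sudo log lines in the default syslog format.
SAMPLE_LOG = """\
Oct 29 10:01:12 box sudo:    alice : TTY=pts/1 ; PWD=/tmp ; USER=root ; COMMAND=/usr/bin/apt update
Oct 29 10:02:40 box sudo:    james : TTY=pts/0 ; PWD=/home/james ; USER=#-1 ; COMMAND=/bin/bash
Oct 29 10:03:05 box sudo:    ops1 : TTY=pts/2 ; PWD=/srv ; USER=#4294967295 ; COMMAND=/usr/bin/less /etc/hosts
Oct 29 10:04:17 box sudo:    bob : TTY=pts/3 ; PWD=/srv ; USER=#1001 ; COMMAND=/usr/bin/whoami
"""

RULE_RE = re.compile(r"^(?P<who>\S+)\s+\S+\s*=\s*\((?P<runas>[^)]*)\)")
LOG_RE = re.compile(r"sudo:\s+(?P<user>\S+) : .*?USER=#(?P<uid>-?\d+) ; COMMAND=(?P<cmd>.+)$")
WRAPPING_UIDS = {-1, 4294967295}  # both end up as UID 0 on affected sudo


def risky_rules(sudoers_text):
    """Return users/groups whose Runas user list is 'ALL minus root'."""
    risky = []
    for line in sudoers_text.splitlines():
        m = RULE_RE.match(line.strip())
        if not m or line.lstrip().startswith("#"):
            continue
        users = [u.strip() for u in m.group("runas").split(":")[0].split(",")]
        if "ALL" in users and any(u in ("!root", "!#0") for u in users):
            risky.append(m.group("who"))
    return risky


def suspicious_runas(log_text):
    """Return (user, uid, command) for sudo runs that targeted a wrapping UID."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if m and int(m.group("uid")) in WRAPPING_UIDS:
            hits.append((m.group("user"), m.group("uid"), m.group("cmd")))
    return hits


if __name__ == "__main__":
    print("rules to review:", risky_rules(SAMPLE_SUDOERS))
    print("flagged runs:", suspicious_runas(SAMPLE_LOG))
```

Rules flagged by `risky_rules` are best rewritten to name the permitted target users explicitly, and upgrading sudo to 1.8.28 or later removes the UID handling that makes the exclusion ineffective.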

Thanks for reading.


Computer Science graduate who is passionate about CyberSecurity. An IoT and Crypto enthusiast.

Prateek Parashar
