TryHackMe: broker

Today we will take a look at TryHackMe: broker. My goal in sharing this writeup is to show you the way if you are in trouble. Please try to understand each step and take notes.

# Do a TCP portscan on all ports with port number greater than 1000 and smaller than 10000! Which TCP ports do you find to be open? (counting up)

Command: sudo nmap -sS -p1001–9999 -T5 10.10.241.119

Ans:1***;8***

# What is the name of the software they use?

Ans:A*******

Get the reverse shell

# Which videogame are Paul and Max talking about?

Ans:H******

# Flag.txt

Command: cat flag.txt

Ans:THM********************

# Root.txt

Replace the Python file with malicious code and run it with sudo authority

Command: echo ‘import pty; pty.spawn(“/bin/bash”)’ > .py

> And now we are the root

“If you have any questions or comments, please do not hesitate to write. Have a good days”

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Al1z4deh:~# echo "Welcome"

Al1z4deh:~# echo "Welcome"

Hello, my name is Elman. I am from Azerbaijan. I wish you a good days