TryHackMe: broker

Today we will take a look at TryHackMe: broker. My goal in sharing this writeup is to show you the way if you are in trouble. Please try to understand each step and take notes.

# Do a TCP portscan on all ports with port number greater than 1000 and smaller than 10000! Which TCP ports do you find to be open? (counting up)

Command: sudo nmap -sS -p1001–9999 -T5 10.10.241.119

Ans:1***;8***

# What is the name of the software they use?

Ans:A*******

Get the reverse shell

ActiveMQ web shell upload

# Which videogame are Paul and Max talking about?

Ans:H******

# Flag.txt

Command: cat flag.txt

Ans:THM********************

# Root.txt

Replace the Python file with malicious code and run it with sudo authority

Command: echo ‘import pty; pty.spawn(“/bin/bash”)’ > .py

> And now we are the root

“If you have any questions or comments, please do not hesitate to write. Have a good days”

Elman Alizadeh - Azerbaijan Architecture and Construction University - Baku, Baku, Azerbaijan |…