🚩
CTF Writeups
  • Introduction
  • VARIOUS CHALLENGES
    • Index
      • Kerberos - Authentication
      • Brooklyn Nine-Nine (room)
  • Cyberweek 2024
    • Index
      • 512 Chats
      • Ave César
      • Base jumping
      • Bit Maze
      • Double glazing
      • Dump local
      • Fichier audio étrange
      • Google Dork
      • Hack 1
      • Hack 4
      • Hexadecimal
      • HTTP
      • Image
      • Message secret Twitter
      • Mot de passe zip
      • Network
      • Où est-il ?
      • Steganomobile
      • The Hashcat Crackers
  • SpookyCTF 2024
    • Index
      • among-us
      • devil's-secret-stash
      • Phenominal-Photo
      • set-your-intentions-right
      • the-moth-flies-at-dawn
      • two-frames-one-champ
      • Well-Met
      • whispers-in-morse
  • BlueHens CTF 2024
    • Index
      • AlgebrarbeglA
      • Bees in Space
      • Inner Demons
      • Intro to OSINT
      • Intro to RSA
      • Intro to Web
      • lists of JSONs
      • Whispers of the Feathered Messenger
      • XS1: XOR without XOR
Powered by GitBook
On this page
  • Challenge
  • Solution
  1. VARIOUS CHALLENGES
  2. Index

Brooklyn Nine-Nine (room)

PreviousKerberos - AuthenticationNextIndex

Last updated 2 months ago

Challenge

This room is aimed for beginner level hackers but anyone can try to hack this box. There are two main intended ways to root the box.

Solution

We only receive an IP address, so we will use on it to check what is running.

We can see there are 3 services open. The SSH will probably be interesting but later since we don't have credentials yet.

But the HTTP service shows there is a website hosted. We open the page in a browser.

There is something interesting in the code source when we inspect the page.

Great! Now we've got a password to work with!

Time to try to connect.

And we're in!

We have found the first flag.

Now we have to find a way to escalate our privilege and become root.

When checking sudo configuration I found something interesting. User holt can run nano as root!

So, first type "sudo nano" which will open the nano editor. Then do CTRL+R and CTRL+X. You should see this at the bottom of your nano editor.

Type this:

reset; sh 1>&0 2>&0

And you should have root access!

Now you only need to move to the root folder and read the root.txt file that is hidden there.

And we have the 2nd flag! Well done.

I then downloaded the picture so I could try some of my steganography tools on it. The only one that gave me something was which was able to extract a txt file.

Using we can just copy/paste their way to gain privileges.

stegseek
GTFOBins
nmap