TryHackMe Brooklyn Nine Nine Writeup

3 min readAug 1, 2024

This is a writeup for TryHackMe Brooklyn Nine Nine room.

Brooklyn Nine Nine

This room is aimed for beginner level hackers but anyone can try to hack this box. There are two main intended ways to…

tryhackme.com

My target IP is 10.10.178.103

NMAP

sudo nmap -sS -sV -A 10.10.178.103

nmap results

Three ports are open.

GOBUSTER

gobuster results

Nothing useful in Gobuster.

WEBSITE INSPECTION

main page

page source

Well then lets download image and check it.

time stegseek brooklyn99.jpg rockyou.txt

stegssek

brooklyn99 output

We have holt’s password.

FTP

We are allowed to login as anonymous as we can see in the Nmap results. Therefore, we don’t need to enter a password.

ftp

We found a file and this indicates we may try Hydra.

note_to_jake

HYDRA

hydra -l jake -P rockyou.txt 10.10.178.103 ssh

hydra results

SSH AND USER FLAG

First I will try SSH as jake.

jake ssh

Nothing useful in our directory.

user flag

After a little search, I found user flag.

ROOT FLAG

I will ssh as holt now.

holt sudo -l

We can just read the root flag since holt can run the nano command as sudo.

sudo /bin/nano /root/root.txt

root flag

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Tryhackme Walkthrough

Tryhackme Writeup

Written by Meliksah Ercan

No responses yet

Write a response

What are your thoughts?

Also publish to my profile

Recommended from Medium

TryHackMe | ret2libc | WriteUp

In

T3CH

by

Axoloth

TryHackMe | ret2libc | WriteUp

This room teaches basic return-oriented programming (ROP), exploitation of binaries and an ASLR bypass.

Oct 5, 2024

Technex CTF 2025 Writeup

Kishan Jai Soorya N

Technex CTF 2025 Writeup

Author: L0n3_W0lf

Mar 1

Lists

Staff picks

826 stories1649 saves

Stories to Help You Level-Up at Work

19 stories948 saves

Self-Improvement 101

20 stories3355 saves

Productivity 101

20 stories2818 saves

CyberHeroes CTF | TryHackMe CTF Walkthrough

CyferNest Sec

CyberHeroes CTF | TryHackMe CTF Walkthrough

You can access the CyberHeroes room on TryHackMe here.

Jan 18

c4ptur3-th3-fl4g CTF | TryHackMe CTF Walkthrough

CyferNest Sec

c4ptur3-th3-fl4g CTF | TryHackMe CTF Walkthrough

You can access the c4ptur3-th3-fl4g room on TryHackMe here.

Jan 21

TryHackMe | SOC Fundamentals | WriteUp

In

T3CH

by

Axoloth

TryHackMe | SOC Fundamentals | WriteUp

Learn about the SOC team and their processes

Oct 25, 2024

Publisher — TryHackme

asta

Publisher — TryHackme

In “Publisher”, we began by scanning the target with Nmap, identifying an open SSH port and an Apache web server running a SPIP blog…

Feb 16

See more recommendations

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams