Meme Tier VIP
Fleep Tier Donator
Trump Tier Donator
Dank Tier Donator
- Nov 29, 2020
Let's root this TryHackMe Anonymous machine in this walkthrough. This will help us get an understanding of the basics of penetration testing, this is a great beginner linux server to pentest. Might be a samba server based on the open ports.
This video is made by me SystemExploited please subscribe to my channel and follow me on Twitter:
First we run a standard NMAP scan to enumerate the ports and services, finding 4 ports open:
- 21: FTP
- 22: SSH
- 139: SMB
- 445: SMB
Once that's setup, let's start our netcat listener, and boom the cron job executes and we get a shell. Once we bounce into the user's home folder we find the user.txt flag, great. Next up we need to privelage escalate, we're going to start by searching for SUID binaries, which are binaries that execute with elevated permissions even when executed by regular users.
We notice the "/user/bin/env" binary can be abused, so we hit gtfobins and figure out how to use it. Once we run the correct command we can call "whoami" and we are indeed root. So let's peruse the directories and what do we find? /root/root.txt! Boom we got our root flag. I hope you enjoyed this TryHackme Anonymous walkthrough.
Last edited by a moderator: