THM-Bounty Hacker

Description-You talked a big game about being the most elite hacker in the solar system. Prove it and claim your right to the status of Elite Bounty Hacker!

Difficulty-Easy

Link-https://tryhackme.com/room/cowboyhacker

Enumeration

I started with an nmap scan using the flags -A and -T4

After this scan I connected to the ftp port and logged in as anonymous to download the files.

The file called “locks.txt” looks to be a wordlist.

Also the task.txt file gives me a potential username for the target system.

Getting user

Using the wordlist and username ‘lin’ I am going to try and brute-force the SSH login using a tool called hydra!

As you can see, hydra successfully found the password, so now I can log in to the machine.

Privilege Escalation

Now that we have user, it's time to escalate our privileges so we can read the root flag. If we do “sudo -l” we find that we can run /bin/tar as root. Using GTFOBins we can find a way to privesc using this.

Just like that we are now root and we can read the root.txt.
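From the defender's side, a sudo rule like the /bin/tar one above is the finding to catch in a configuration audit. The following is an added example, not part of the original write-up: it parses `sudo -l` output and flags rules that grant binaries GTFOBins documents as abusable under sudo. The sample listing, the hostname, the backup script path and the `ESCAPE_CAPABLE` subset are constructed for illustration.

```python
import re

# Illustrative subset of binaries GTFOBins documents as abusable under sudo.
# Not the full list: a binary missing from this set is not thereby safe.
ESCAPE_CAPABLE = {"tar", "vim", "find", "less", "awk", "nmap", "python3",
                  "perl", "env", "bash", "sh", "zip"}

# A rule line in `sudo -l` output, e.g. "    (root) NOPASSWD: /bin/tar"
RULE_RE = re.compile(r"^\s*\((?P<runas>[^)]*)\)\s*(?P<rest>.+)$")
TAG_RE = re.compile(r"^(?:[A-Z_]+:\s*)+")  # leading tags such as NOPASSWD:

# Constructed sample listing (hostname and second rule are made up).
SAMPLE = """\
Matching Defaults entries for lin on examplehost:
    env_reset, mail_badpass

User lin may run the following commands on examplehost:
    (root) /bin/tar
    (root) NOPASSWD: /opt/backup/run-backup.sh
"""


def audit_sudo_listing(text):
    """Return one finding per rule that grants ALL or an escape-capable binary."""
    findings = []
    for line in text.splitlines():
        m = RULE_RE.match(line)
        if not m:
            continue  # header, Defaults entry, or blank line
        rest = m.group("rest")
        nopasswd = "NOPASSWD:" in rest
        for cmd in (c.strip() for c in TAG_RE.sub("", rest).split(",")):
            if not cmd:
                continue
            path = cmd.split()[0]
            name = path.rsplit("/", 1)[-1]
            if path == "ALL":
                reason = "unrestricted command set"
            elif name in ESCAPE_CAPABLE:
                reason = "binary can run arbitrary commands as the target user"
            else:
                continue
            findings.append({"runas": m.group("runas").strip(), "command": cmd,
                             "nopasswd": nopasswd, "reason": reason})
    return findings


if __name__ == "__main__":
    for finding in audit_sudo_listing(SAMPLE):
        print(finding)
```

Each finding is a candidate for removal or for replacement with a narrowly scoped wrapper script owned by root.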

My Thoughts

This box is probably the easiest box on TryHackMe, so I would recommend it for an absolute beginner, as they get to do some basic brute forcing and then a simple privilege escalation at the end. These are foundational skills that are very useful, and a box like this will help build them, so I definitely recommend it. Even though I completed it very fast, I still had a fun time.
