|Write-Up|

Let’s start enumeration, using Nmap to see open ports and services.

sudo nmap -A <target-ip>

There are two open ports, 22 and 80. Let’s look for hidden directories using Gobuster.

sudo gobuster dir -u http://<target-ip>/ -w /usr/share/wordlists/dirb/common.txt --wildcard -x php,html


Writeup

Brooklyn Nine Nine on THM is a room based on the Netflix show of the same name. So let’s start hacking. Now let’s visit the webpage; while inspecting it, we can see something about steganography.

I tried tools like steghide, binwalk and exiftool, but came up with nothing useful for further enumeration. Let’s find out which services and ports are open for us.

sudo nmap -A <Target_IP>


Write-up

Task 1: Deploy the vulnerable Windows machine

What’s the name of the clown displayed on the homepage?

--> To get this, we need to do a reverse image lookup. Just google a reverse image link and submit the clown image, and you will get his name.

Let’s enumerate the machine further to learn more about it, using nmap to find the open ports and the services on them.

sudo nmap -T5 -sC -sV -Pn <target_ip>


|Writeup|

This machine is mainly about privilege escalation and an LFI vulnerability. To understand the basics of LFI, you can practice in a TryHackMe room.

Let’s start by enumerating the machine; we can use nmap to see open ports and services.

sudo nmap -A <target_ip>


Intermediate level CTF

Let’s do what we always do: enumerate, and then see if we can escalate our privileges to almighty root! We need to know whether any open ports are available and which services run on them; we can use nmap to find out.

sudo nmap -T4 -p- -A <Target_IP>


|Writeup|

Our objective is to try to get the two flags! Root the machine using some basic knowledge of Linux and privilege escalation methods. So let’s boot up the machine and head on to the nmap scan.

sudo nmap -T4 -p- -A <target_ip>


Write-Up

Task 2 Challenges:

Let’s start gathering information about this machine using nmap. The nmap scan shows there are 3 ports open: 21, 22 and 80.

sudo nmap -T4 -p- -sV <target_ip>


WriteUp

Let’s start the machine and head on to the machine_ip.


A Rick and Morty CTF. Help turn Rick back into a human!

Task 1 : Pickle Rick

This Rick and Morty themed challenge requires you to exploit a webserver to find 3 ingredients that will help Rick make his potion to transform himself back into a human from a pickle. Let’s start the machine and head to the target IP. I didn’t find anything interesting to explore on the home page. Let’s view the source code of the page. We found the username for this system.


Write-up

Task 1 : Web App Testing and Privilege Escalation

>Find the services exposed by the machine. Let’s run nmap and see if it discovers anything useful!

sudo nmap -T4 -A -p- <MACHINE_IP>

Bat_09

CYBER PROBIE | 🦇
