TryHackMe: Hackpark Room Writeup
Brute-force a website's login with Hydra, identify and use a public exploit, then escalate your privileges on this Windows machine! https://tryhackme.com/room/hackpark
Task 1: Deploy the vulnerable Windows machine
Let’s do our usual first step: nmap scan!
export rhost=0.0.0.0  # our target IP
nmap -sV --script vuln $rhost -n | tee nmap-$rhost.out
grep open nmap-$rhost.out
What's the name of the clown displayed on the homepage?
There’s a web server, so let’s go there in the browser:
A reverse Google image search gives the name:
pennywise
Task 2: Using Hydra to brute-force a login
What request type is the Windows website login form using?
Click on the menu icon and go to the login page. Open Inspect Element (or use Burp Suite), then try any credentials. In the Network tab, we see the login request.
post
Guess a username, choose a password wordlist and gain credentials to a user account!