{"id":11695,"date":"2024-03-18T15:36:51","date_gmt":"2024-03-18T10:06:51","guid":{"rendered":"https:\/\/reconforce.in\/blog\/?p=11671"},"modified":"2024-03-18T15:36:51","modified_gmt":"2024-03-18T10:06:51","slug":"brooklyn-nine-nine-ctf-2024-walkthrough","status":"publish","type":"post","link":"https:\/\/reconcybersecurity.com\/blogs\/brooklyn-nine-nine-ctf-2024-walkthrough\/","title":{"rendered":"Brooklyn Nine Nine CTF 2024 – Walkthrough"},"content":{"rendered":"\n

Introduction to Brooklyn Nine Nine CTF<\/strong><\/h2>\n\n\n\n

Welcome to the Brooklyn Nine Nine CTF Walkthrough! In this guide, we’ll explore step-by-step how to conquer challenges inspired by the popular TV show. Whether you’re a seasoned cybersecurity enthusiast or a beginner eager to learn, this walkthrough will break down each task into simple, easy-to-follow steps. Get ready to test your skills, unravel clues, and emerge victorious in the ultimate cyber adventure based on Brooklyn Nine Nine!<\/p>\n\n\n\n

Setup Environment<\/strong><\/h2>\n\n\n\n
\n

TryHackMe | Brooklyn Nine Nine<\/strong><\/p>\n\n\n\n

TryHackMe is an online platform for learning and teaching cyber security, all through your browser.<\/p>\n\n\n\n

tryhackme.com<\/p>\n<\/div>

\"Brooklyn<\/a><\/figure><\/div>\n\n\n\n
    \n
  1. Via VulnHub:<\/strong> Download Brooklyn Nine Nine<\/strong> machine onto your local device, install it on a virtualization platform such as VirtualBox, configure the network settings, and initiate the attack.<\/li>\n\n\n\n
  2. Through TryHackMe:<\/strong> Alternatively, access to this machine is possible via TryHackMe. Download the VPN configuration file to your device and utilize openvpn with the specified command:<\/li>\n<\/ol>\n\n\n\n
    \"\"<\/figure>\n\n\n\n

    You should see this line at the end of the code\u2026<\/p>\n\n\n\n

    \"\"<\/figure>\n\n\n\n

    Alternatively, leverage the Attackbox offered by THM. A VPN connection is necessary since both our machine and the target machine need to be on the same network for effective attacks. <\/p>\n\n\n\n

    Once all prerequisites are in place, we\u2019re set to initiate the scan on the target machine.<\/p>\n\n\n\n

    Brooklyn Nine Nine CTF Challenges<\/strong><\/h2>\n\n\n\n

    Scanning IP with Nmap<\/strong><\/p>\n\n\n\n

    After setting up the machine, our initial step is to scan its IP address using nmap. You can do this by running the command provided below:<\/p>\n\n\n\n

    nmap -v -sC <Machine IP><\/code><\/pre>\n\n\n\n
    Once the scanning is done, you can see that there is an FTP port opened…<\/p>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    So we can try an Anonymous FTP login and see if we can find something there.<\/p>\n\n\n\n
    ftp <Machine IP><\/code><\/pre>\n\n\n\n
    To retrieve the text file named note_to_jake.txt, simply type ‘get<\/code>‘ followed by the file name. Afterward, close the FTP service.<\/p>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    After reviewing the file, it appears that ‘Jake’ is a username. So we will use Hydra<\/strong> to perform a brute-force attack and attempt an SSH login.<\/p>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    We successfully logged in via SSH. Once you get in the home directory then go in  ‘holt<\/strong>‘ directory, you’ll find the user flag for our Brooklyn Nine Nine CTF.<\/p>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    Now for the second flag, type sudo -l for login root access…<\/p>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    Type the below command to get the root flag…<\/p>\n\n\n\n
    sudo \/usr\/bin\/less \/root\/root.txt<\/code><\/pre>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    Great job finishing the Brooklyn Nine Nine CTF! Explore our other walkthroughs<\/a> for more exciting CTFs.<\/p>\n","protected":false},"excerpt":{"rendered":"Introduction to Brooklyn Nine Nine CTF Welcome to the Brooklyn Nine Nine CTF Walkthrough! In this guide, we’ll…\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[2318],"tags":[2332,2333,2316,2334,2335,2331],"class_list":{"0":"post-11695","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-ctf-walkthrough","7":"tag-brooklyn-nine-nine","8":"tag-brooklyn99","9":"tag-ctf","10":"tag-ctf-tutorial","11":"tag-ctf-walkthrough","12":"tag-tryhackme"},"_links":{"self":[{"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/posts\/11695","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/comments?post=11695"}],"version-history":[{"count":0,"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/posts\/11695\/revisions"}],"wp:attachment":[{"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/media?parent=11695"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/categories?post=11695"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/tags?post=11695"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}