Brooklyn99 WriteUp | Steganography & Binary Exploitation
Greetings everyone, today I would like to analyze BrooklynNineNine on the TryHackMe platform. Actually, it was not so hard to deal with that machine because of my real-world test experiences. I recognized that I am now able to deal with more complicated reconnaissance on web applications. Therefore, I was comfortable jumping to the post-compromise part on this instance.
Let me add my IPv4 address to /etc/hosts to avoid specifying the address in commands each time.
Open the hosts file:
nano /etc/hosts
[MACHINE-IP] brooklyn.thm
Save with Ctrl+S and exit with Ctrl+X.
This is how it looks.
Reconnaissance
First of all, I did not want to use a browser to display the HTML elements of the page. That's why I decided to use curl to save time. Maybe we have a web app on port 80 or 443:
curl -v brooklyn.thm
As you can see below, there was a comment indicating the technique called steganography:

<!--- Have you ever heard of steganography? -->
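The recon step above, as an added example (not code from the write-up): a small parser that lists the HTML comments and image references in a saved response, the same things read by eye from the curl output. The sample page, its file names and the audit helper are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin
CSS_URL = re.compile(r"url\(\s*['\"]?([^'\")]+)['\"]?\s*\)")

# Constructed sample page, not the real response from the room.
SAMPLE = """<html><head><style>
body { background-image: url("photo.jpg"); }
</style></head><body>
<img src="/images/banner.png" alt="banner">
<!--- Have you ever heard of steganography? -->
<!-- TODO remove
     before go-live -->
</body></html>"""

class PageAudit(HTMLParser):
    """Collect HTML comments and image references from one page."""
    def __init__(self, base_url):
        super().__init__()
        self.base_url, self.comments, self.images = base_url, [], []
        self._in_style = False

    def handle_comment(self, data):
        # Collapse whitespace so a multi-line comment becomes one entry.
        text = " ".join(data.split()).strip("- ")
        if text:
            self.comments.append(text)

    def handle_starttag(self, tag, attrs):
        self._in_style = tag == "style"  # <style> body arrives via handle_data
        if tag == "img":
            self._add([dict(attrs).get("src")])

    def handle_endtag(self, tag):
        self._in_style = False

    def handle_data(self, data):
        if self._in_style:
            self._add(CSS_URL.findall(data))

    def _add(self, refs):
        for url in (urljoin(self.base_url, r.strip()) for r in refs if r):
            if url not in self.images:
                self.images.append(url)

def audit(html, base_url):
    parser = PageAudit(base_url)
    parser.feed(html)
    parser.close()
    return parser.comments, parser.images
```

Calling audit(SAMPLE, "http://brooklyn.thm/") returns the two comments and the two image URLs resolved against the base address.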
Let me extract the image from the web application through my browser: