TryHackMe Bounty Hacker | Full Walkthrough

In this video, we tackle the popular Western-themed TryHackMe room Bounty Hacker. We start with a standard network scan to discover open ports and available services on the target. From there, we exploit an anonymous FTP login vulnerability to download hidden files containing interesting notes and a potential wordlist. Next, we feed those files into Hydra to execute a targeted SSH brute-force attack and successfully secure a foothold on the server. Finally, we analyse our sudo privileges, discover a weakness in the tar command configuration, and abuse it to instantly escalate to root. Watch as we break down each step clearly and smoothly capture all flags. 0:30------preparation 0:55------network scan 1:18------web-page visit 2:14------ftp connection 3:00------exploring the txt files 4:35------hydra brute-force 6:50------tar escalation Disclaimer: This video is for educational purposes only. All software, logos, and trademarks shown in this video belong to their respective owners; their appearance does not imply endorsement or affiliation. The use of these materials is intended under Fair Use for educational and instructional purposes. All demonstrations and experiments were conducted within private, controlled environments. The author assumes no responsibility for any misuse of the information provided or for any actions taken by viewers outside of these instructional parameters.