Open in app

Sign in

Write

Sign in

TryHackMe Gotta Catch’em All Write-ups(Beginner Friendly and Detailed)

Cursemagic
4 min readNov 28, 2020

--

Hi, today ill be sharing my write-up for this room. This is a room created by GhostlyPy on TryHackMe platform.

This write-up might be the same as the others but I am not sure about it as I didn't look into other write-ups yet.

TryHackMe Gotta Catch’em All link: https://tryhackme.com/room/pokemon

So, let’s get started! *Happy Pikachu Noises*

TASK 1: Can You Catch’em All

So, let’s deploy the machine.

After the machine started, run nmap.

So, we get the result of the scanning.

Now, go to port 80.

Look into the source code, we can find some information in it.

Viola! We have the required creds to login through ssh.

So, we can go to the terminal and run ssh to get into it.

After login, I try to search manually through the machine and finally found on the Desktop.

We can unzip it by using the “unzip” command.

And we can view the file inside and get the answer.

But the answer we required need to be decoded. So, I go to Cyberchef to decode it.

So, Question 1 is done.

Now Question 2. I suddenly think of using the “find” function to get all the text files together in the system.

find / -type f -name “*-type.txt” 2>/dev/null

But surprisingly, it works like a charm.

Now we know the path for water, fire, and grass files.

After using the “cat” command to show the content, it's again a string of alphabet which we need to decode. And again, CyberChef.

Again for fire, it's another encoded string. And we are done with fire, water, and grass-type pokemon.

Now, it's root’s turn.

I found a text file which is for Question 4 but it seems we do not have the privilege to view it.

I ran a few commands to find any things that we could use but failed.

So, I started to search for alternatives through those folders. And after a few minutes, I found something special.

When we open the file. We have the credentials for another user.

su ash

Now we are in as user ash. Now cd /home and cat the text file.

YESH WE ARE DONE!

Thank you for reading and finishing this write-up.

Thank you TryHackMe platform for providing such a good place for us to play and learn to hack.

Thank you creator GhostlyPy for creating this good room for us to learn from.

#####################
Anyone has vouchers for me is greatly appreciated!!! XD
#####################

Tryhackme
Beginner
Writeup

--

--

Cursemagic
Cursemagic

Written by Cursemagic

15 Followers
1 Following

Just learning, together we are strong.

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams