Solving TryHackMe's "Net Sec Challenge" Room - A Complete Walkthrough
#challenge#infosec#tryhackme#cybersecurity
Emanuele

Emanuele @shadownet0110

About: Cybersecurity enthusiast with a passion for process injection techniques, malware analysis, and offensive security. I explore advanced tactics, build custom tooling, and share insights on threat detec

Location:
Glasgow, Scotland
Joined:
Apr 19, 2025

Solving TryHackMe's "Net Sec Challenge" Room - A Complete Walkthrough

Publish Date: Jun 18
0 0

🧭 Introduction
In this post, I’ll walk you through my experience solving the Network Security room on TryHackMe. This room is part of the Network Security module, which is perfect for beginners looking to understand how computers communicate and how attackers can exploit network weaknesses.

🧰 Tools Used
Nmap – for scanning and enumeration
Hydra – for cracking ftp credentials

🧩 Room Breakdown
We will prepare our one line nmap command that will answer to all of our initial questions, i'll share what i've found out that is an easy win here:

nmap -sC -sV -p- -T4 <MACHINE_IP> -vv
Enter fullscreen mode Exit fullscreen mode

nmap

nmap 1

nmap flag

Now let's answer to this group of questions, like i did in the following:

answers 1

We've also got the FTP server version, which is the vsftpd 3.0.5, forgot to include the screenshot :/

For the upcoming task we have to use Hydra since we didn't got any password to SSH into those user account, we have to give Hydra rockyou.txt wordlist in order to crack a password. I'll move the two usernames into a file called users.txt

nano usernames

A little check before building the Hydra command:

a little check

Ok so now we need to build our Hydra command for cracking two passwords while running, this probably is not the best practice out there but worked fine for me:

hydra -t 8 -L users.txt -P /usr/share/wordlists/rockyou.txt ftp:10.10.101.15:10021
Enter fullscreen mode Exit fullscreen mode

Let it run and let's wait patiently until gives us some results!

crack hydra

Clear up the terminal, we're going to connect now to the ftp location using our first found credentials eddie - jordan. Using the code snippet here, you are task to locate a txt file with the flag, ls -la will help us since we cannot use any command like locate or find in a ftp connection.

ftp <MACHINE_IP> 10021
Enter fullscreen mode Exit fullscreen mode

eddie login

No luck with eddie, we will try again with quinn - andrea

quinn login

From this point we can input get ftp_flag.txt and save the flag file into our AttackBox. Let's cat this file and our flag is shown:

ftp flag

Last but not least the ip to visit with a little challenge to score. First let's have a look.

web challenge
It looks like we have to go undercover to trick the web application to give us a flag. We're try to solve this with Nmap null scan.

nmap -sN 10.10.101.15
Enter fullscreen mode Exit fullscreen mode

last answer

We've managed to solve the entire room, get this last flag to answer the last question!

📌 Final Thoughts
The Network Security room is a fantastic starting point for anyone diving into cybersecurity. It’s hands-on, practical, and builds a solid foundation for more advanced topics.

If you’re just starting out, I highly recommend giving this room a try. Feel free to drop your questions or share your own experiences in the comments!

Comments 0 total

    Add comment