[{"data":1,"prerenderedAt":748},["ShallowReactive",2],{"\u002F2025\u002Ftryhackme-b3dr0ck-writeup":3,"surround-\u002F2025\u002Ftryhackme-b3dr0ck-writeup":739},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"title":8,"description":9,"date":10,"updated":10,"image":11,"categories":12,"recommend":6,"draft":6,"readingTime":14,"body":19,"_type":732,"_id":733,"_source":734,"_file":735,"_stem":736,"_extension":737,"_original_dir":738},"\u002F2025\u002Ftryhackme-b3dr0ck-writeup","2025",false,"","TryHackMe - b3dr0ck","A step-by-step guide to solving the b3dr0ck room on TryHackMe.","2025-09-04T15:20:00.000Z","https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002Fthumbnail.jpg",[13],"CTF",{"text":15,"minutes":16,"time":17,"words":18},"4 min read",3.045,182700,609,{"type":20,"children":21,"toc":722},"root",[22,28,44,51,73,77,98,102,107,111,115,139,145,158,162,166,195,199,212,217,251,255,259,284,288,300,304,317,321,327,333,354,358,371,375,379,406,410,414,434,438,442,454,458,496,515,595,599,626,663,700,704,716],{"type":23,"tag":24,"props":25,"children":27},"element","pic",{"src":26},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F1.jpg",[],{"type":23,"tag":29,"props":30,"children":31},"p",{},[32,35],{"type":33,"value":34},"text","Target IP: ",{"type":23,"tag":36,"props":37,"children":41},"a",{"href":38,"rel":39},"https:\u002F\u002Ftryhackme.com\u002Froom\u002Fb3dr0ck",[40],"nofollow",[42],{"type":33,"value":43},"bedrock.thm",{"type":23,"tag":45,"props":46,"children":48},"h2",{"id":47},"reconnaissance",[49],{"type":33,"value":50},"Reconnaissance",{"type":23,"tag":29,"props":52,"children":53},{},[54,56,63,65,71],{"type":33,"value":55},"Let's perform an nmap scan with the command ",{"type":23,"tag":57,"props":58,"children":60},"code",{"className":59},[],[61],{"type":33,"value":62},"nmap bedrock.thm -Pn -p- -sCV --open -oX Desktop\u002FFullScan.xml",{"type":33,"value":64}," and save the output. Now, let's convert this output to HTML format with ",{"type":23,"tag":57,"props":66,"children":68},{"className":67},[],[69],{"type":33,"value":70},"xsltproc FullScan.xml -o bedrock-result.html",{"type":33,"value":72}," and examine it.",{"type":23,"tag":24,"props":74,"children":76},{"src":75},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F2.jpg",[],{"type":23,"tag":29,"props":78,"children":79},{},[80,82,88,90,96],{"type":33,"value":81},"We have several ports here. Now let's go to ",{"type":23,"tag":57,"props":83,"children":85},{"className":84},[],[86],{"type":33,"value":87},"bedrock.thm:80",{"type":33,"value":89}," and see what happens. And it automatically redirected us to the ",{"type":23,"tag":57,"props":91,"children":93},{"className":92},[],[94],{"type":33,"value":95},"bedrock.thm:4040",{"type":33,"value":97}," (TLS) port.",{"type":23,"tag":24,"props":99,"children":101},{"src":100},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F3.jpg",[],{"type":23,"tag":29,"props":103,"children":104},{},[105],{"type":33,"value":106},"From this, we understand that an unwanted service is running on a port higher than 9000 and that they aim to secure connections with certificates.",{"type":23,"tag":24,"props":108,"children":110},{"src":109},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F4.jpg",[],{"type":23,"tag":24,"props":112,"children":114},{"src":113},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F5.jpg",[],{"type":23,"tag":29,"props":116,"children":117},{},[118,120,129,131,137],{"type":33,"value":119},"From our nmap scan, we understand that this is the ",{"type":23,"tag":57,"props":121,"children":126},{"className":122,"id":124,"style":125},[123],"example-info","just-like-this","color: #4DFFBE",[127],{"type":33,"value":128},"pichat",{"type":33,"value":130}," service running on port ",{"type":23,"tag":57,"props":132,"children":134},{"className":133,"id":124,"style":125},[123],[135],{"type":33,"value":136},"9009",{"type":33,"value":138},". When we examine this service, we understand that it is a simple and lightweight command-based chat\u002Fmessaging service designed with the \"Pi\" (for small devices like Raspberry Pi) + \"Chat\" concept.",{"type":23,"tag":45,"props":140,"children":142},{"id":141},"initial-access",[143],{"type":33,"value":144},"Initial Access",{"type":23,"tag":29,"props":146,"children":147},{},[148,150,156],{"type":33,"value":149},"Now let's connect to this service with ",{"type":23,"tag":57,"props":151,"children":153},{"className":152},[],[154],{"type":33,"value":155},"netcat",{"type":33,"value":157},". What awaits us;",{"type":23,"tag":24,"props":159,"children":161},{"src":160},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F6.jpg",[],{"type":23,"tag":24,"props":163,"children":165},{"src":164},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F7.jpg",[],{"type":23,"tag":29,"props":167,"children":168},{},[169,171,178,180,185,187,193],{"type":33,"value":170},"When we enter a random text here, we get the response ",{"type":23,"tag":57,"props":172,"children":175},{"className":173,"id":124,"style":174},[123],"color: #77BEF0",[176],{"type":33,"value":177},"You use this service to recover your client certificate and private key",{"type":33,"value":179},". And we understand that we are in the right place. Now we search the internet for basic ",{"type":23,"tag":57,"props":181,"children":183},{"className":182},[],[184],{"type":33,"value":128},{"type":33,"value":186}," usage and see that we can use the ",{"type":23,"tag":57,"props":188,"children":190},{"className":189,"id":124,"style":125},[123],[191],{"type":33,"value":192},"help",{"type":33,"value":194}," command.",{"type":23,"tag":24,"props":196,"children":198},{"src":197},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F8.jpg",[],{"type":23,"tag":29,"props":200,"children":201},{},[202,204,210],{"type":33,"value":203},"From here, we see that there is a login service running on port ",{"type":23,"tag":57,"props":205,"children":207},{"className":206,"id":124,"style":125},[123],[208],{"type":33,"value":209},"54321",{"type":33,"value":211}," that uses TLS, which we also saw in our nmap output. And it says we can connect to it with the following command;",{"type":23,"tag":213,"props":214,"children":216},"copy",{"code":215},"socat stdio ssl:MACHINE_IP:54321,cert=\u003CCERT_FILE>,key=\u003CKEY_FILE>,verify=0",[],{"type":23,"tag":29,"props":218,"children":219},{},[220,222,228,230,236,238,243,244,249],{"type":33,"value":221},"Now we know that we can access our ",{"type":23,"tag":57,"props":223,"children":225},{"className":224},[],[226],{"type":33,"value":227},"cert",{"type":33,"value":229}," and ",{"type":23,"tag":57,"props":231,"children":233},{"className":232},[],[234],{"type":33,"value":235},"key",{"type":33,"value":237}," information from our current pichat service. So let's just type ",{"type":23,"tag":57,"props":239,"children":241},{"className":240,"id":124,"style":125},[123],[242],{"type":33,"value":227},{"type":33,"value":229},{"type":23,"tag":57,"props":245,"children":247},{"className":246,"id":124,"style":125},[123],[248],{"type":33,"value":235},{"type":33,"value":250}," and see what we can get. Maybe these are defined requests.",{"type":23,"tag":24,"props":252,"children":254},{"src":253},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F9.jpg",[],{"type":23,"tag":24,"props":256,"children":258},{"src":257},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F10.jpg",[],{"type":23,"tag":29,"props":260,"children":261},{},[262,264,269,270,275,277,282],{"type":33,"value":263},"And yes, we have obtained the ",{"type":23,"tag":57,"props":265,"children":267},{"className":266},[],[268],{"type":33,"value":227},{"type":33,"value":229},{"type":23,"tag":57,"props":271,"children":273},{"className":272},[],[274],{"type":33,"value":235},{"type":33,"value":276}," information. Now let's save them to a file on our own device and connect to the service on port ",{"type":23,"tag":57,"props":278,"children":280},{"className":279},[],[281],{"type":33,"value":209},{"type":33,"value":283}," with socat.",{"type":23,"tag":24,"props":285,"children":287},{"src":286},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F11.jpg",[],{"type":23,"tag":29,"props":289,"children":290},{},[291,293,298],{"type":33,"value":292},"And we are connected to our service. Since we don't know what to do after accessing the service, let's run the ",{"type":23,"tag":57,"props":294,"children":296},{"className":295},[],[297],{"type":33,"value":192},{"type":33,"value":299}," command like in the previous service.",{"type":23,"tag":24,"props":301,"children":303},{"src":302},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F12.jpg",[],{"type":23,"tag":29,"props":305,"children":306},{},[307,309,315],{"type":33,"value":308},"From here we get the information ",{"type":23,"tag":57,"props":310,"children":312},{"className":311,"id":124,"style":125},[123],[313],{"type":33,"value":314},"Barney Rubble:d1ad7c0a3805955a35eb260dab4180dd",{"type":33,"value":316},". Yes, our password may look hashed, but it is not. You can use it directly.",{"type":23,"tag":24,"props":318,"children":320},{"src":319},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F13.jpg",[],{"type":23,"tag":45,"props":322,"children":324},{"id":323},"privilege-escalation",[325],{"type":33,"value":326},"Privilege Escalation",{"type":23,"tag":328,"props":329,"children":331},"h3",{"id":330},"barney",[332],{"type":33,"value":330},{"type":23,"tag":29,"props":334,"children":335},{},[336,338,344,346,352],{"type":33,"value":337},"When we do a simple analysis with ",{"type":23,"tag":57,"props":339,"children":341},{"className":340},[],[342],{"type":33,"value":343},"sudo -l",{"type":33,"value":345},", we see that the barney user can run the ",{"type":23,"tag":57,"props":347,"children":349},{"className":348,"id":124,"style":125},[123],[350],{"type":33,"value":351},"\u002Fusr\u002Fbin\u002Fcertutil",{"type":33,"value":353}," binary with sudo privileges.",{"type":23,"tag":24,"props":355,"children":357},{"src":356},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F14.jpg",[],{"type":23,"tag":29,"props":359,"children":360},{},[361,363,369],{"type":33,"value":362},"When we run this binary with sudo, we are shown how to use it. From this, we understand that thanks to this tool, we can list our certificates and add new keypairs. In our case, we will create new keys for ",{"type":23,"tag":57,"props":364,"children":366},{"className":365},[],[367],{"type":33,"value":368},"fred",{"type":33,"value":370},".",{"type":23,"tag":24,"props":372,"children":374},{"src":373},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F15.jpg",[],{"type":23,"tag":24,"props":376,"children":378},{"src":377},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F16.jpg",[],{"type":23,"tag":29,"props":380,"children":381},{},[382,384,390,391,397,399,404],{"type":33,"value":383},"Let's save the cert and key we obtained here on our device as ",{"type":23,"tag":57,"props":385,"children":387},{"className":386},[],[388],{"type":33,"value":389},"fred.crt",{"type":33,"value":229},{"type":23,"tag":57,"props":392,"children":394},{"className":393},[],[395],{"type":33,"value":396},"fred.key",{"type":33,"value":398},". And let's connect to our service on port ",{"type":23,"tag":57,"props":400,"children":402},{"className":401},[],[403],{"type":33,"value":209},{"type":33,"value":405}," with these certificates.",{"type":23,"tag":213,"props":407,"children":409},{"code":408},"socat stdio ssl:bedrock.thm:54321,cert=fred.crt,key=fred.key,verify=0",[],{"type":23,"tag":24,"props":411,"children":413},{"src":412},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F17.jpg",[],{"type":23,"tag":29,"props":415,"children":416},{},[417,419,424,426,432],{"type":33,"value":418},"And from here we see that the password for ",{"type":23,"tag":57,"props":420,"children":422},{"className":421},[],[423],{"type":33,"value":368},{"type":33,"value":425}," is ",{"type":23,"tag":57,"props":427,"children":429},{"className":428,"id":124,"style":125},[123],[430],{"type":33,"value":431},"YabbaDabbaD0000!",{"type":33,"value":433},". Now let's log in as fred via ssh.",{"type":23,"tag":24,"props":435,"children":437},{"src":436},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F18.jpg",[],{"type":23,"tag":328,"props":439,"children":440},{"id":368},[441],{"type":33,"value":368},{"type":23,"tag":29,"props":443,"children":444},{},[445,447,452],{"type":33,"value":446},"When we use ",{"type":23,"tag":57,"props":448,"children":450},{"className":449},[],[451],{"type":33,"value":343},{"type":33,"value":453}," for this user, we see that they have the authority to run the following.",{"type":23,"tag":24,"props":455,"children":457},{"src":456},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F19.jpg",[],{"type":23,"tag":29,"props":459,"children":460},{},[461,463,469,471,478,480,486,488,494],{"type":33,"value":462},"From this, we understand that when we run this command, our password in the ",{"type":23,"tag":57,"props":464,"children":466},{"className":465,"id":124,"style":125},[123],[467],{"type":33,"value":468},"\u002Froot\u002Fpass.txt",{"type":33,"value":470}," path is encrypted with ",{"type":23,"tag":57,"props":472,"children":475},{"className":473,"id":124,"style":474},[123],"color: #efb11d",[476],{"type":33,"value":477},"BASE-64",{"type":33,"value":479}," or ",{"type":23,"tag":57,"props":481,"children":483},{"className":482,"id":124,"style":474},[123],[484],{"type":33,"value":485},"BASE-32",{"type":33,"value":487},". In my first attempt, I interpreted it as the person could use whichever they wanted, but that's not the case. Whichever you choose, you have to use both encryptions because the ",{"type":23,"tag":57,"props":489,"children":491},{"className":490},[],[492],{"type":33,"value":493},"pass.txt",{"type":33,"value":495}," file is hashed multiple times.",{"type":23,"tag":29,"props":497,"children":498},{},[499,501,506,508],{"type":33,"value":500},"I will proceed with ",{"type":23,"tag":57,"props":502,"children":504},{"className":503},[],[505],{"type":33,"value":477},{"type":33,"value":507},". With the following command, I will do the first decode on the target machine since base-64 is installed directly on the target machine. ",{"type":23,"tag":36,"props":509,"children":512},{"href":510,"rel":511},"https:\u002F\u002Fgtfobins.github.io\u002Fgtfobins\u002Fbase64\u002F",[40],[513],{"type":33,"value":514},"see.",{"type":23,"tag":516,"props":517,"children":521},"pre",{"className":518,"code":519,"language":520,"meta":7,"style":7},"language-bash shiki shiki-themes catppuccin-latte one-dark-pro","LFILE=\u002Froot\u002Fpass.txt\nsudo \u002Fusr\u002Fbin\u002Fbase64 \"$LFILE\" | \u002Fusr\u002Fbin\u002Fbase64 --decode\n","bash",[522],{"type":23,"tag":57,"props":523,"children":524},{"__ignoreMap":7},[525,549],{"type":23,"tag":526,"props":527,"children":530},"span",{"class":528,"line":529},"line",1,[531,537,543],{"type":23,"tag":526,"props":532,"children":534},{"style":533},"--shiki-default:#4C4F69;--shiki-dark:#E06C75",[535],{"type":33,"value":536},"LFILE",{"type":23,"tag":526,"props":538,"children":540},{"style":539},"--shiki-default:#179299;--shiki-dark:#56B6C2",[541],{"type":33,"value":542},"=",{"type":23,"tag":526,"props":544,"children":546},{"style":545},"--shiki-default:#40A02B;--shiki-dark:#98C379",[547],{"type":33,"value":548},"\u002Froot\u002Fpass.txt\n",{"type":23,"tag":526,"props":550,"children":552},{"class":528,"line":551},2,[553,559,564,569,574,579,585,589],{"type":23,"tag":526,"props":554,"children":556},{"style":555},"--shiki-default:#1E66F5;--shiki-default-font-style:italic;--shiki-dark:#61AFEF;--shiki-dark-font-style:inherit",[557],{"type":33,"value":558},"sudo",{"type":23,"tag":526,"props":560,"children":561},{"style":545},[562],{"type":33,"value":563}," \u002Fusr\u002Fbin\u002Fbase64",{"type":23,"tag":526,"props":565,"children":566},{"style":545},[567],{"type":33,"value":568}," \"",{"type":23,"tag":526,"props":570,"children":571},{"style":533},[572],{"type":33,"value":573},"$LFILE",{"type":23,"tag":526,"props":575,"children":576},{"style":545},[577],{"type":33,"value":578},"\"",{"type":23,"tag":526,"props":580,"children":582},{"style":581},"--shiki-default:#179299;--shiki-dark:#ABB2BF",[583],{"type":33,"value":584}," |",{"type":23,"tag":526,"props":586,"children":587},{"style":555},[588],{"type":33,"value":563},{"type":23,"tag":526,"props":590,"children":592},{"style":591},"--shiki-default:#40A02B;--shiki-dark:#D19A66",[593],{"type":33,"value":594}," --decode\n",{"type":23,"tag":24,"props":596,"children":598},{"src":597},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F20.jpg",[],{"type":23,"tag":29,"props":600,"children":601},{},[602,604,610,612,617,619,625],{"type":33,"value":603},"From here we find the hash ",{"type":23,"tag":57,"props":605,"children":607},{"className":606,"id":124,"style":474},[123],[608],{"type":33,"value":609},"LFKEC52ZKRCXSWKXIZVU43KJGNMXURJSLFWVS52OPJAXUTLNJJVU2RCWNBGXURTLJZKFSSYK",{"type":33,"value":611},". This is encrypted with ",{"type":23,"tag":57,"props":613,"children":615},{"className":614,"id":124,"style":174},[123],[616],{"type":33,"value":485},{"type":33,"value":618}," (We guessed this because this hashing algorithm is installed on our target system.). Now let's decode this with ",{"type":23,"tag":36,"props":620,"children":623},{"href":621,"rel":622},"https:\u002F\u002Fwww.dcode.fr\u002Fbase-32-encoding",[40],[624],{"type":33,"value":485},{"type":33,"value":370},{"type":23,"tag":29,"props":627,"children":628},{},[629,631,637,639,644,645,652,654,661],{"type":33,"value":630},"As a result, we obtained the hash ",{"type":23,"tag":57,"props":632,"children":634},{"className":633,"id":124,"style":474},[123],[635],{"type":33,"value":636},"YTAwYTEyYWFkNmI3YzE2YmYwNzAzMmJkMDVhMzFkNTYK",{"type":33,"value":638},". We determined that this is ",{"type":23,"tag":57,"props":640,"children":642},{"className":641,"id":124,"style":174},[123],[643],{"type":33,"value":477},{"type":33,"value":229},{"type":23,"tag":36,"props":646,"children":649},{"href":647,"rel":648},"https:\u002F\u002Fwww.base64decode.org\u002F",[40],[650],{"type":33,"value":651},"decoded",{"type":33,"value":653}," it again. (You can use ",{"type":23,"tag":36,"props":655,"children":658},{"href":656,"rel":657},"https:\u002F\u002Fhashes.com\u002Fen\u002Ftools\u002Fhash_identifier",[40],[659],{"type":33,"value":660},"this site",{"type":33,"value":662}," for detection.)",{"type":23,"tag":29,"props":664,"children":665},{},[666,668,674,676,682,684,690,692,698],{"type":33,"value":667},"From here we found the hash ",{"type":23,"tag":57,"props":669,"children":671},{"className":670,"id":124,"style":474},[123],[672],{"type":33,"value":673},"a00a12aad6b7c16bf07032bd05a31d56",{"type":33,"value":675}," and determined that it is ",{"type":23,"tag":57,"props":677,"children":679},{"className":678,"id":124,"style":174},[123],[680],{"type":33,"value":681},"MD5",{"type":33,"value":683},". When we crack this on ",{"type":23,"tag":36,"props":685,"children":688},{"href":686,"rel":687},"https:\u002F\u002Fcrackstation.net\u002F",[40],[689],{"type":33,"value":686},{"type":33,"value":691},", we get the result ",{"type":23,"tag":57,"props":693,"children":695},{"className":694,"id":124,"style":125},[123],[696],{"type":33,"value":697},"flintstonesvitamins",{"type":33,"value":699},". Now it encodes this again with base-64... just kidding, that was it.",{"type":23,"tag":24,"props":701,"children":703},{"src":702},"https:\u002F\u002Fhackpaper-image-server.pages.dev\u002Fimages\u002Fblogs\u002Ftryhackme-b3dr0ck-writeup\u002F21.jpg",[],{"type":23,"tag":29,"props":705,"children":706},{},[707,709,715],{"type":33,"value":708},"Now with this password, we can log in as root with ",{"type":23,"tag":57,"props":710,"children":712},{"className":711},[],[713],{"type":33,"value":714},"ssh root@bedrock.thm",{"type":33,"value":370},{"type":23,"tag":717,"props":718,"children":719},"style",{},[720],{"type":33,"value":721},"html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}",{"title":7,"searchDepth":723,"depth":723,"links":724},4,[725,726,727],{"id":47,"depth":551,"text":50},{"id":141,"depth":551,"text":144},{"id":323,"depth":551,"text":326,"children":728},[729,731],{"id":330,"depth":730,"text":330},3,{"id":368,"depth":730,"text":368},"markdown","content:posts:2025:tryhackme-b3dr0ck-writeup.md","content","posts\u002F2025\u002Ftryhackme-b3dr0ck-writeup.md","posts\u002F2025\u002Ftryhackme-b3dr0ck-writeup","md","\u002Fposts",[740,744],{"_path":741,"title":742,"date":743},"\u002F2025\u002Ftryhackme-year-of-the-rabbit-writeup","TryHackMe - Year of the Rabbit","2025-09-03T15:56:06.000Z",{"_path":745,"title":746,"date":747},"\u002F2025\u002Ftryhackme-gamingserver-writeup","TryHackMe - GamingServer","2025-09-05T08:18:55.000Z",1777022958837]