Hydra

Summary Basic Pentesting is the first machine in my Road to eJPTv2 series. It’s an excellent starting point because it covers several areas that appear on the exam: service enumeration (SMB, HTTP), directory fuzzing, SSH bruteforce, and SSH private key cracking. If you’re starting with TryHackMe and the eJPT, this machine is mandatory. Attribute Value Platform TryHackMe Difficulty Easy OS Linux Room Basic Pentesting Skills SMB Enum, Web Fuzzing, SSH Bruteforce, SSH Key Cracking Video version If you prefer to follow the walkthrough step by step, keep reading. The video covers the same process in visual format. ...

Summary Bounty Hacker is the fifth machine in the Road to eJPTv2 series and one of the most straightforward in terms of attack flow. Anonymous FTP doesn’t just confirm lax configurations — this time it directly delivers a password wordlist and the target username. With that data, Hydra does the heavy lifting against SSH. The escalation via sudo tar introduces a new GTFOBins binary worth knowing. Attribute Value Platform TryHackMe Difficulty Easy OS Linux Room Bounty Hacker Skills FTP Enum, SSH Bruteforce, Sudo Privesc (tar) 🎥 Video version If you prefer to follow the walkthrough step by step, keep reading. The video covers the same process in visual format. ...

Summary Skynet is the eighth machine of the Road to eJPTv2 series and one of the most complete in the path. It combines SMB enumeration, brute force against a webmail, exploitation of a CMS with Remote File Inclusion, and a classic privilege escalation based on tar wildcard injection in a cron job. A chained attack flow where each phase depends on the previous one — exactly the kind of reasoning the eJPT evaluates. ...