MR-ROBOT: 1 Walkthrough
Based on the show, Mr. Robot.
Based on the show, Mr. Robot.
This VM has three keys hidden in different locations. Your goal is to find all three. Each key is progressively difficult to find.
The VM isn’t too difficult. There isn’t any advanced exploitation or reverse engineering. The level is considered beginner-intermediate.
Enumeration
Brooding:
- SSH is closed.
- 80 and 443 — same on application layer.
More Enumeration…
- Manual Walkthrough
- found a key on robots.txt
🔑 073403c8a58a1f80d943455fb30724b9
2. Nothing from hydra + Gobuster
Finding Other Keys…
Now, we have many items in the fsocity.dic. To boil it down, i need to find the available users.
Let’s use wpscan to brute force it.
after 1hr, you will get,
credentials: elliot:ER28–0652
Let’s login to the site…
We got to crack this to get into robot for 2nd key.
When you crack the hash, you will get abcdefghijklmnopqrstuvwxyz
🔑 822c73956184f694993bede3eb39f959
privelege Escaltion
🔑 04787ddef27c3dee1ee161b21670b4e4