MR-ROBOT: 1 Walkthrough

Based on the show, Mr. Robot.

Based on the show, Mr. Robot.

This VM has three keys hidden in different locations. Your goal is to find all three. Each key is progressively difficult to find.

The VM isn’t too difficult. There isn’t any advanced exploitation or reverse engineering. The level is considered beginner-intermediate.

Mr-Robot: 1
This website uses 'cookies' to give you the best, most relevant experience. Using this website means you're happy with…

Enumeration

Brooding:

  1. SSH is closed.
  2. 80 and 443 — same on application layer.

More Enumeration…

  1. Manual Walkthrough
  • found a key on robots.txt

🔑 073403c8a58a1f80d943455fb30724b9

2. Nothing from hydra + Gobuster


Finding Other Keys…

Now, we have many items in the fsocity.dic. To boil it down, i need to find the available users.

Finding valid Users

Let’s use wpscan to brute force it.

after 1hr, you will get,

credentials: elliot:ER28–0652

Let’s login to the site…

update the theme 404 to get Reverse shell
received the Reverse Shell

We got to crack this to get into robot for 2nd key.

When you crack the hash, you will get abcdefghijklmnopqrstuvwxyz

🔑 822c73956184f694993bede3eb39f959

privelege Escaltion

🔑 04787ddef27c3dee1ee161b21670b4e4

Use GTFOBins

Photo by Ludovic Toinel on Unsplash