TryHackME Walkthrough | Mr. Robot

Based on the Mr. Robot show

This walkthrough is written as a part of Master certificate in cybersecurity (Red Team) that I am pursuing from HackeU.

Connecting to VPN

  1. Download OpenVPN configuration setting from TryHackMe platform
  2. Connect to TryHackMe by running the command in kali terminal:

sudo openvpn /pathtoOVPNfile.ovpn

Machine Information

After Deployment we will get Machine <IP>

Reconnaissance

Starting with a nmap scan

nmap -sS -sV -A <IP>

22 : SSH

80 : http

443 : https

Checking robots.txt

  1. Found a dictionary fsocity.dic
  2. first key key-1-of-3.txt

Using to scan the IP address

Navigating to , now trying to use burp suite intercept

Now intercepting the login request in burpsuite and using the dic file we found to brute force it

Capture request in burp suite and forward request to intruder tab.

Found 404.php > updated php-reverse-shell here

nc -nlvp 4444

When you browse to the updated page will get shell

Inside the robot directory we found the password which is encoded in MD5 for user robot. First we will reverse the hash and find the password and we will change to superuser so that we can escalate our privileges and find rest of the keys.

python -c ‘import pty; pty.spawn(“/bin/sh”)’ python -c ‘import pty;

pty.spawn(“/bin/sh”)’

Search for users privilege permission:

find / -perm /4000 -type f 2>/tmp/2

--

--

B.Sc IT Graduate with C.E.H certification currently pursuing Offensive Security (Red Team). Passion for MMA and Kick-boxing & Automobile Enthusiast.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Aditya Kumar

B.Sc IT Graduate with C.E.H certification currently pursuing Offensive Security (Red Team). Passion for MMA and Kick-boxing & Automobile Enthusiast.