Mr. Robot — TryHackMe

sudo nmap -sC -sV IP
http://IP
gobuster dir -u IP -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x html,php,asp,aspx,py,sh,txt,xml,cfm,bak,js
http://IP/wp-login.php
http://IP/robots.txt
http://IP/fsocity.dic
http://IP/key-1-of-3.txt
Before sort
After sort
hydra -l agent -P passwordlist.txt http-post-form
elliot:ERC28-0652
Elliot’s account
/upload.php
listener
reverse shell
failed .php extensions
pasted reverse shell script
reverse shell
key-2-of-3.txt
password = alphabet
key-2-of-3.txt
SUID nmap
key-3-of-3.txt

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

CS373 Blog, Week 9

Web Stack Postmortem

What are the important & difficult tasks for Flutter devs? — Q1 2020 survey results

Sat-ur-day

One line to free space in your (free) Slack storage

Docker and strategies to check database service availability

Clean architecture made easy

Initial database creation and seeding with Laravel 5 (Build a forum part 1)

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Kingslayr

Kingslayr

More from Medium

TryHackMe: Mustacchio -Writeup

TryHackMe | Road

TryHackMe-Mobile Malware Analysis | By Subhadip Nag(Mrl0s3r)

TryHackMe Writeup-GameZone