Search

The write up for a room in TryHackMe named Mr. Robot.

Task #1

To deploy the Mr Robot virtual machine, you will first need to connect to our network.

After connecting to the server you will see this on your access page.

Once you are connected to the server successfully then you have to deploy your machine.



Task #2

So after deploying the machine on TryHackMe portal, we get an IP to access this machine. It is going to be different for every time you deploy it, so your ROOM-IP might be different from mine.



Nmap scan:

We need to know what services are running behind the scenes and what ports are open. So we are going to use a tool called Nmap.

$nmap -A <TARGET IP> -oN nmap.txt

Having ports 80 and 443 indicates we have a website running, so we open http://10.10.44.213 and https://10.10.44.213 on our browser


Now that we know the target is running a web server we should do a directory brute force scan to see what’s available. You can use dirbuster or dirb but I like to use gobuster.


Similar in concept to password brute-forcing we are taking a list of words contained in a file and using them as search queries against the web server. If it returns a 20x or 30x status code then we know something is there.