Wordpress

Mr-Robot 1 is a boot2root challenge based on the Mr. Robot TV series, given I'd recently completed the Gibson challenged based on Hackers it seemed only reasonable to have a go at another challenge based on hacker-culture entertainment. root@kali:~# mkcd VulnHub/mrRobot root@kali:~/VulnHub/mrRobot# netdiscover -pr 10.1.11.0/24 Currently scanning: (passive) | Screen View: Unique Hosts 1 Captured ARP Req/Rep packets, from 1 hosts. Total size: 60 _____________________________________________________________________________ IP At MAC Address Count Len MAC Vendor / Hostname ----------------------------------------------------------------------------- 10.1.11.101 08:00:27:95:a1:6b 1 60 Cadmus Computer Systems root@kali:~/VulnHub/mrRobot# echo 10.1.11.101 > ip root@kali:~/VulnHub/mrRobot# nmap -A -T5 $(cat ip) Starting Nmap 7.12 ( https://nmap.org ) at 2016-06-30 20:46 BST Nmap scan report for linux.vulnlab.fbcnt.in (10.1.11.101) Host is up (0.00029s latency). Not shown: 997 filtered ports PORT STATE SERVICE VERSION 22/tcp closed ssh 80/tcp open http Apache httpd |_http-server-header: Apache |_http-title: Site doesn't have a title (text/html). 443/tcp open ssl/http Apache httpd |_http-server-header: Apache |_http-title: Site doesn't have a title (text/html). | ssl-cert: Subject: commonName=www.example.com | Not valid before: 2015-09-16T10:45:03 |_Not valid after: 2025-09-13T10:45:03 MAC Address: 08:00:27:95:A1:6B (Oracle VirtualBox virtual NIC) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.10 - 4.1 Network Distance: 1 hop TRACEROUTE HOP RTT ADDRESS 1 0.29 ms linux.vulnlab.fbcnt.in (10.1.11.101) OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 18.18 seconds Not a lot to go off so far, lets throw nikto at the web service and see what it comes up with. ...