MrRobot CTF Writeup
Here's my writeup for the MrRobot CTF: First I checked out /robots.txt and found interesting stuff
I found the first key and a dictionary that we will use later. Next I found a WPlogin page while fuzzing, I checked it out. I tried naturally admin:admin Then I tried the username elliot because of the MrRobot theme, and it gave me a different error message, so I knew that the username was valid. After this I started cracking the password using the dictionary I found in the first step, and the username elliot. After some time I managed to crack the password and log into the WP admin panel. I go to the themes page and set up a reverse shell in the content.php file. I set up a listener and got a shell. After this I went to the /home/robot directory and found the flag which was not readable, but I found a hash. I cracked the hash and escalated to the user robot, getting the user flag. After this I try and escalate to root, searching for useful SUID bins and I found that /usr/local/bin/nmap had the SUID bit set, meaning it executed with elevated privileges.After this I got root and the root flag.




































