TryHackMe: Chocolate Factory

Having fun with TryHackMe again. So, here is the write up and guideline to pass this challenge. This challenge quite interesting for me.

Room: https://tryhackme.com/room/chocolatefactory
Level: Easy

Task: This room was designed so that hackers can revisit the Willy Wonka’s Chocolate Factory and meet Oompa Loompa. Need to complete 4 task in total.

Lets get started

This is the first page shows up after open the machine IP. Hmmm. There is no hint in the source code. If there is no hint, then I need to check with every possible tool can be use.

Task 1: Find the key

Firstly, check the ports

# nmap -A -T4 10.10.197.X

Since there is SSH port open, lets hydra it. I just guess the username so that I can brute it using rockyou.txt dictionary

# hydra -l wonka -P ~/wordlists/rockyou.txt 10.10.197.X -t 4 ssh
# hydra -l charlie -P ~/wordlists/rockyou.txt 10.10.197.X -t 4 ssh
# hydra -l root -P ~/wordlists/rockyou.txt 10.10.197.X -t 4 ssh