THM: Brute It
Brute It is an easy box for practicing brute force techniques. After some simple recon we’ll brute force our way through a login form to gain access to an admin panel. Once authenticated we’re provided a user’s private RSA key file which we’ll need to crack the passphrase for in order to use it to gain shell access. Finally, we’ll exploit sudo privileges to leak the root user’s password hash, and crack it again with brute force in order to get a root shell.
THM: Mr Robot
Mr Robot is an easy linux box based on the TV series that hosts a WordPress site. We’ll start with some enumeration to find a wordlist that helps us brute force our way into the WP admin panel. Once we have our shell we find a password hash we can crack to access their account and get the 2nd flag.