I feel like I’m missing something obvious and it’s driving me nuts. I’ve done a full TCP port scan of Mirai and found 7 open TCP ports. Some of these, that commonly are logged into I have attempted to brute force their username / passwords per the way Mirai spreads using the lists Rapid7 includes with metasploit without any luck. I’ve researched various exploits, finding some which were for older versions of the services. The web pages I’ve found either are 401 Unauthorized or weren’t brute forcible. I’m a bit lost and was wondering if anyone could point me in the right direction so that I can research and find the correct path forward.
@zyaya said:
I am really stuck, I took a look on Mirai name and didn’t found anything useful, any hint? another words?
Enumerate each and everything about your target, LIke system, OS, open ports. do web enumeration. take a look on every port…and try some simple stuff first …
This thing is killing me lol. I researched the name and got to the login. Not sure what more enumeration I can do. Any hints would be greatly appreciated. Thanks
@neoson said:
This thing is killing me lol. I researched the name and got to the login. Not sure what more enumeration I can do. Any hints would be greatly appreciated. Thanks
Do you understand what Mirai was? And how it worked?
@neoson said:
This thing is killing me lol. I researched the name and got to the login. Not sure what more enumeration I can do. Any hints would be greatly appreciated. Thanks
Do you understand what Mirai was? And how it worked?
I do. It’s hard to say where i’m stuck at without giving a bunch away but the default isn’t working for me.
So this is weird. I tried the default a number of times and it kept failing then it finally worked. I was in and looked around and then the pages stopped loading. So I exited and I’m back and it won’t let me in again lol. It doesn’t want me to win lol.