Mirai hint

i have problem with mirai bit time .
I found SSH on port 22 ,did hydra brute force with metasploit/mirai_username and mirai_password list and nothing .Please any hint this thing is driving me craze .Thanks

Identifying the OS distribution from running services will help :wink:

Man i was scared, I tought I was in an actual service called Pi-Hole

I will I hope you hint will help,thanks

Search about the OS and search how mirai spread

I did all that and literally tried everything but no luck .Definitely i am missing something .

try to brute force again… think about the device which is first and most affected by mirai and bonet and see the OS of machine and think which IoT runs that os most in past year

Thanks i will .

There’s absolutely zero need to brute force any part of this machine. If you research what Mirai was and how it worked, and then apply that knowledge to what you know about this machine, the answer is right in front of you.

enumerate the web app on the machine + all possible services then you will get to know the dist of the machine. The rest should be common sense!

Thanks for hint i will try .

Some comments are somewhat misleading here, you will not see the OS name as the result of some OS detection features like nmap has (or else please PM me about it I would love to know) . You need to guess ( using your organic brain ) the hardware with the info you collected, and then guess the OS.

as much i follow nmap i’m finding Debian and lighttpd so called getting ubuntu. any cllue what i’m doing wrong?

been trying with the concept.I know how mirai works and know the defaults for the pi plus the mirai list but so far haven’t managed to get entry.

Indeed it’s way simpler than you think to get user.txt …kinad stuck with the root.txt now

Imagine this is just a box you want to install the webapp on. What is that web app designed to do? What would you do to install it on the os and hardware its designed for? What was Mirai and how did it spread?