Member-only story
Bebop Tryhackme Writeup
Room link: https://tryhackme.com/room/bebop
Note: This room is for Premium Members Only. who purchased THM premium membership.
Bebop is a quick box that exemplifies exactly how insecure some drone operating systems are. This box shouldn’t take very long to root — it’s really not particularly challenging (which is slightly worrying given it’s based off real drone software). Of much more interest is the overarching concept: drone hacking. If you haven’t already watched the video embedded into the THM room, I would highly recommend it; it’s really interesting (and hilarious in places). I’ll include an embed of the video below, before properly beginning the write-up:
<iframe width=”704" height=”360" src=”https://www.youtube.com/embed/5CzURm7OpAA" frameborder=”0" allow=”accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture” allowfullscreen></iframe>
Question 1. What is your codename?
Answer: pilot
Enumeration:
As per normal, the first thing we’re going to do with this box is run an nmap scan. A basic service scan is more than enough for our purposes:
