Hacknet Guide

Labyrinths Step-By-Step Walkthrough for Hacknet

Labyrinths Step-By-Step Walkthrough

Overview

A completely spoiler-filled guide on how to do every mission in the DLC.

General Tips

  • Type your commands out ahead of time so you can run them as fast as possible
  • Use FTPSprint instead of FTPBounce. It’s way faster
  • Use the “ps” and “kill [id]” commands to stop TorrentStreamInjector whenever it’s done. You’ll save time
  • If stuck, investigate every route. I mean EVERY route. You should be scanning everything you hack into. eosDeviceScanner should be used on all personal computers. MemDumpGenerator should be used when you’ve tried everything else
  • There will be things you literally can’t get past, and that’s okay. Unlike in the main game, you’re working in a team. If you find something you can’t move past, try investigating everything else first. Your teammates might come up with a solution for you
  • If you’re stuck, also consider going back over the mission requirements. Labyrinths has a heavier focus on investigation, imo. If you can’t figure something out, there’s a good chance you missed or forgot something

Kaguya Source

  1. Connect to the IP given in the email. (Need the email for this? There’s a guide here.)
  2. Hack into the server
  3. Hop on into /bin and pick up FTPSprint.exe and KaguyaTrials.exe
  4. Whenever you’re ready, run KaguyaTrials and click “BEGIN TRIAL”

Kaguya Sprint Trial (Second Test)

  1. Connect to the given IP and hack in
  2. Get TorrentStreamInjector.exe from /bin
  3. Delete all files in /sys
  4. Disconnect

Kaguya Push Trial (Third Test)

  1. Connect to the given IP and hack in
  2. Delete the file in /home
  3. Disconnect

The Ricer

  1. Connect to the given IP and hack in
  2. Move to /home/projects and grab SSLTrojan.dec WIP_SSLTrojan.dec
  3. Grab ThemeChanger.exe if you want
  4. Go to the drop server and upload SSLTrojan.dec
  5. After completion, get SSLTrojan.exe from the drop server

NOTE: If you have Decypher, you can decrypt the file to get SSLTrojan.exe, but uploading it won’t count for accomplishing the mission. You have to upload the encrypted file. If you don’t have Decypher, upload the encrypted file and they’ll decode it for you. You just have to hack into the upload server log in to the upload server like a normal person to get it. The password is given in the chat.

DDOSer on some critical servers

  1. Connect to the given IP and hack in
  2. DESTROY EVERYTHING
  3. Scan the network
  4. Hack into the connected computer
  5. DESTROY EVERYTHING

The Hermetic Alchemists

  1. Connect to the given IP and hack in
  2. Scan the network
  3. Hack into Coagula and Solve
  4. Try to hack into Rebis, and you’ll notice it’s not that easy. D3f4ult helps you out though. In the chat, you get the solution for the firewall: “clarity”.
  5. Hack into Rebis
  6. Use eosDeviceScan and get admin access
  7. Poke around and see if you can find where he might have it. Go to /eos/notes/home.txt and connect to the “Home” IP address you find
  8. Hack into the computer you find
  9. Get SignalScramble.exe from /bin
  10. Upload it to the drop server

Memory Forensics (1/3)

  1. Go to the drop server and pick up MemForensics.exe from /bin
  2. Staying on the drop server, navigate to /home/MemoryDumps
  3. Run MemForensics on the first of your md files (Kaguya_Dump_1.md in this case)
  4. Process recent commands. You’ll find two working IP address and a useless username and password
  5. Connect and hack into the first IP. There’s a decompiled MemForensics in /home! For shame!
  6. DESTROY EVERYTHING
  7. Connect and hack into the second IP you find. Poke around a bit
  8. There isn’t any sign of MemForensics here. Leave
  9. Run MemForensics on the second of your md files (Kaguya_Dump_2.md in this case)
  10. Process files in memory. You find a lot of defunct IP addresses… and one working one. Connect to it and hack in
  11. No sign of anything here, either. You’re done

Memory Forensics (2/3)

  1. Go to the drop server and pick up MemForensics.exe from /bin
  2. Staying on the drop server, navigate to /home/MemoryDumps
  3. Run MemForensics on the first of your md files (Kaguya_Dump_3.md in this case)
  4. Process files in memory. You’ll find an IP address that doesn’t exist along with a username and password that don’t work. Nothing to do here
  5. Run MemForensics on the second of your md files (Kaguya_Dump_4.md in this case)
  6. Process recent commands. You’ll find a working IP address. Connect and hack in
  7. Navigate into /share/secure. There are copies of MemDump files! Naughty!
  8. DESTROY EVERYTHING

Striker’s Archives

  1. Connect to the given IP and hack in
  2. Pick up MemDumpGenerator.exe from /bin
  3. Upload it to the drop server

HACKED!

This does not happen to everyone. It depends on whether or not Striker can find your IP address, which depends on how you disconnect from the computer (hint hint).

If you get that message about an incoming connection, though, you have two options:

DON’T GET HACKED:

  1. Very quickly go to your PC and set up a shell
  2. Hit “trap” on that shell and confirm it

You’ll be given a slight reboot and can continue where you were.

GET HACKED:

  1. Wait patiently and watch your computer freak out
  2. Coel will appear to help and give you some instructions. Hit “proceed” when you’re ready
  3. Use either the terminal or your computer’s file explorer (whichever one you find easiest) to track down the file “VMBootloaderTrap.dll” and delete it. Information on how to do so is below.
  4. Close the text file and terminal and restart Hacknet (the game itself)
  5. Optional: At your teammates’ suggestion, get revenge

Everything should start up again and you can continue.

Using the Terminal
  1. The terminal should start you off in /Hacknet. Use the change directory command to navigate to /Libs/Injected
  2. There should be a file named “VMBootloaderTrap.dll” in that folder. Use the delete/remove command to delete it
  3. If you need to check what’s in the folder you’re in, use the directory/list command

Commands
Windows:

  • “cd [directory name]” – Change directory. Works the same as in Hacknet. Moves you from one folder to another. Putting “..” as the directory name will move you up one folder.
  • “dir” – Directory. Lists all files and folders in the current directory.
  • “del [file name]” – Delete. Deletes the file.
  • You don’t need additional permissions to delete it.

Mac/Linux: (All work the same as in Hacknet)

  • cd – Change directory. Moves you from one folder to another. Putting “..” as the directory name will move you up one folder.
  • “ls” – List. Lists all files and folders in the current directory.
  • “rm [file name]” – Remove. Deletes the file.
  • “icacls VMBootloaderTrap.dll /grant USERS:d” – This is used once you find the file to give it the permissions you need to delete it. Type it in exactly.

Using your File Explorer

(Thanks to PhoenixBlue44 for describing how to do this on Mac)

  1. Open up your file explorer and navigate to the file location
  2. You might not be able to see the folder you need to find. If so, follow the instructions below:
      Windows:
    1. Open up your control panel
    2. Go to “Appearance and Personalization”, then “Folder Options”
    3. Hit “Show hidden files and folders”
    4. You should now be able to find the folder you need

    Mac:

    1. In your user folder, right click to bring up the view options
    2. Select “Show View Options” then “Show Library Folder”
    3. Move on to “Application Support”, “Hacknet”, “Libs”, then “Injected”
  3. You should see “VMBootloaderTrap.dll” in the folder. Delete it

File Location
Windows: C:/Users/[YourUserAccountHere]/Documents/”My Games”/Hacknet/Libs/Injected
Mac: [YourUserFolder]/Application Support/Hacknet/Libs/Injected

This can also be done using your File Explorer/Finder. You just have to navigate to the same folder and delete the file. You might have to change your settings to view hidden files to do this, however.

NOTE: This can happen more than once. My first playthrough, I had to go through the cmd prompt and I had no other issues. My second playthrough, I was able to use a trap to stop the first one, but the trap didn’t work for the second try. The process for fixing it is the same, though.

It Follows

  1. Connect to the given IP and hack in
  2. But there’s nothing there! Not quite, my friend. Use MemDumpGenerator
  3. Use MemForensics on the generated mem file. To do this, go to your PC. All generated mem files are stored under /home/MemDumps
  4. Process recent commands run
  5. Go to the mail server and log in. Username: cornch1p Password: SaltyChippies22
  6. Poke around the emails and look for new IP addresses
  7. Connect and hack into TortillaVPS
  8. Destroy all files in /home

Cleanup

  1. Connect and log in to the IP using the informatio D3f4ult gives you. You can hack in, too, if you feel like it
  2. We’re looking for unreleased music. There are two mp3 files here; both are in the /home folder. Find them and upload to the drop server
  3. Move back into the /home folder. See all those files that start with “d3f”? Those are D3f4ult’s. Delete them
  4. Clear the logs

Neopals

  1. Connect to given IP and hack in
  2. Scan for connections
  3. Connect to the Version Control server and hack in
  4. Browse the records. You’ll notice that the ones with a * next to them have new IP addresses
  5. Hack in to Thomas Office. He has a txt file where he complains about Tiff storing her login information on her phone
  6. Hack in to Tiff Doehan’s Personal Powerbook
  7. Use eosDeviceScan and log in to Tiff’s ePhone 7
  8. Get information from /eos/notes/work_logins.txt. You’ll get the login for the Authentication server. Username: admin Password: mlk3fsdie321
  9. Log in to the Authentication server. You’ll see a text file telling Alex to stop writing admin passwords down there and that the offending file was deleted. Use MemDumpGenerator
  10. Process Files in Memory Username: admin Password: n8u5v432kj
  11. Log in to the Mainframe
  12. Go to /Database/Minx_x1.rec
  13. Replace the number of NeoPoints with a large enough number

Bean Stalk

  1. Connect to the given IP and hack in
  2. Get Asdis Dagrunsdottir’s IP address from /home/connections.txt
  3. There’s a file in /home saying that all legal documents are kept on a cloud. You gotta look somewhere else. Use MemDumpGenerator
  4. Look at the mem file you get. Process recent files. You’ll get a new IP address for someone named Manananggal
  5. Connect to their IP and hack in
  6. There’s a file in /home/dagrunsdottir_leak. Grab it and upload it to the drop server

Expo Grave

  1. Get all IPs from the mission description
  2. Go to the upload server and get the two files you’ll need
  3. Hack in to Howard Grave’s PC
  4. He has a copy under /home. Remove and use “upload” to replace with the matching file from the upload server
  5. In /home/phone_reminder.txt he mentions he changed his phone’s login details. Username: admin Password: fma93dK
  6. Use eosDeviceScan and the new information to log in to his phone
  7. He has another copy of it in /eos/STORAGE. Remove and replace
  8. Connect and hack in to the Expo’s server
  9. They have a copy under /home/talks/files. Remove and replace

The Keyboard Life

  1. Connect and hack in to the given IP
  2. Open up /home/records/purchase_blacklist.txt
  3. Remove ChucklingKumquat from the list

Take Flight

  1. Get both IPs from the mission description
  2. You can’t just hack in to the Bookings Mainframe, so connect and hack into LAX_Pacific_Server
  3. Scan the network
  4. Connect and hack into the Network Hub
  5. Scan the network. At this point your team will get to work on taking out the Whitelist server. Wait a little bit and it’ll be taken down
  6. You can now easily hack in to the Whitelist Authenticator
  7. Scan the network to get access to lots of employee computers
  8. Hack into Faith Morello’s laptop
  9. Get PacificPortcrusher.exe from /bin
  10. Check out /home/work/logindetails.txt for her login information to the security IRC. Username: faithless Password: catsarebestpet
  11. Hack in to Vito McMichael’s Laptop
  12. Go to /home/irc_address.txt and get the IP for the Security IRC
  13. Log in using Faith Morello’s login details
  14. Look at the IRC chat and you’ll get Yasu Arai’s old password. It’s “1185JACK”
  15. Hack in to Kim Burnaby’s Office Computer
  16. Her eosDevice is corrupted, so get her email login from the backup under /home/ePadBackup. Username: kburnaby Password: noneofyourbusiness
  17. Go to PacificAir_Mail and log in using her information
  18. She’ll have an email from Yasu Arai where he’s complaining about security. Use the information in it to figure out his new password. It’s “1185JACK1”
  19. Use that to log in to Yasu Arai’s eBook Touch
  20. Use eosDeviceScan. Connect and log in using default information
  21. Arai’s email login info can be found under /eos/mail/[email protected]. Username: YasuArai Password: 9NINETWO2
  22. Go back to the Bookings mainframe and click “PacificAir Bookings Mainframe” to get to the regular admin login. There’s an option to reset the admin password. Hit it
  23. The new password will be sent to the administrator’s, Yasu Arai’s, email
  24. Go back to PacificAir’s Mail Server and log in as Yasu Arai. The top email will have the new password, which is randomly generated
  25. Go to your mission description, add the password as a detail, and complete

Take_Flight Cont.

  1. Get all the IP addresses from the mission description
  2. Hop over to the upload server and pick up sysinfo.bat under /home
  3. Connect to Pacific_ATC_RoutingHub and hack in. WORK QUICKLY
  4. Scan for connections. You’ll see a new authentication server: Pacific_ATC_WhitelistAuthenticator
  5. You can’t hack into the WhitelistAuthenticator, but you can use MemDumpGenerator on the RoutingHub. Do so
  6. Use MemForensics on the file you get from that
  7. Process recent files. You’ll find the active whitelist password. It’s CKYX258
  8. Pacific_ATC_WhitelistAuthenticator is the active whitelist. Use that password to log in as the admin
  9. You need the authenticator to stop blocking you. There are multiple ways to do this:
      Make it think that you’re an okay IP address: (Thanks to El Barbas for letting me know about the append command)
    1. Go to /Whitelist/list.txt
    2. Replace the IP address there with your IP (“replace [file text] [your IP]”) or add your IP into the file (“append [file name] [your IP]”)
    3. Removing the IP address when you’re done is optional

    Take the authenticator offline: (Thanks to Chewy for telling me this:)

    1. Find the authenticator dll
    2. Rename it to something else
    3. Forkbomb the authenticator
  10. You can now connect to Skylink. Do so and hack in as you usually would. WORK QUICKLY
  11. Upload sysinfo.bat from your PC to Skylink’s /sys folder

NOTE ON AUTHENTICATORS: “Why do I have to add my IP to the whitelist this time when I didn’t have to do it during Part 1?” Part 1’s authenticator had a whitelist, but it was disabled by your team. This one is still running, which is why you have to find a way to work around it.

The Plane

You have a choice.

SAVE THE PLANE:

  1. Hack in to _0018
  2. Grab 747FlightOps.dll from /FlightSystems
  3. Connect and hack in to the other plane (_0022)
  4. Upload 747FlightOps.dll to that plane’s /FlightSystems folder
  5. Move to the plane’s main page and hit “Reload Firmware”. Hopefully you were quick enough

Coel will then ask you to go after Kaguya:

  1. Connect to the given IP and hack in
  2. Destroy everything. Take a look around if you want

When you’ve done that, Coel will give you something to turn everything back to normal. The Kaguya Trials are over.

STOP THE PLANE:

  1. Don’t do anything for _0022, or take too long to save it
  2. You can crash _0018 or not. It’s up to you

Kaguya will then post an address to Kaguya_Projects. Hit the button, and everything will go back to normal. The Kaguya Trials are over.

© 2025 Steam Solo • Made by
SteamSolo.com