UltraTech

The basics of Penetration Testing, Enumeration, Privilege Escalation and WebApp testing

medium

75 min

Task 1: Deploy the machine

~_. UltraTech ._~

This room is inspired by real-life vulnerabilities and misconfigurations I encountered during security assessments.

If you get stuck at some point, take some time to keep enumerating.


[ Your Mission ]

You have been contracted by UltraTech to pentest their infrastructure.

It is a grey-box kind of assessment: the only information you have is the company's name and their server's IP address.

Start this room by hitting the "deploy" button on the right!


Good luck and more importantly, have fun!

__

Lp1 <fenrir.pro>


[ Extra Information ]

If you have any comment or question regarding this room, you can contact me on TryHackMe's Discord.

Answer the questions below

Deploy the machine

After enumerating the services and resources available on this machine, what did you discover?

Answer the questions below

Which software is using the port 8081?

Which other non-standard port is used?

Which software is using this port?

Which GNU/Linux distribution seems to be used?

The software using port 8081 is a REST API. How many of its routes are used by the web application?

Now that you know which services are available, it's time to exploit them!

Did you find somewhere you could try to login? Great!

Quick and dirty login implementations usually go with poor data management.

There must be something you can do to explore this machine more thoroughly...

Answer the questions below

There is a database lying around, what is its filename?

What is the first user's password hash?

What is the password associated with this hash?

Congrats if you've made it this far, you should be able to comfortably run commands on the server by now!

Now's the time for the final step!

You'll be on your own for this one, there is only one question and there might be more than a single way to reach your goal.

Mistakes were made; take advantage of them.

Answer the questions below

What are the first 9 characters of the root user's private SSH key?

Room Type

Free Room. Anyone can deploy virtual machines in the room (without being subscribed)!

Users in Room

31,647

Created

2325 days ago
