Basic Pentesting
This is a machine that allows you to practise web app hacking and privilege escalation
easy
45 min
Room progress ( 0% )
To access material, start machines and answer questions login.
Basic Penetration Testing | John Hammond • Aug 19, 2020
Source: YouTube Task 1Web App Testing and Privilege Escalation
Task includes a deployable machine
In these set of tasks you'll learn the following:
- brute forcing
- hash cracking
- service enumeration
- Linux Enumeration
The main goal here is to learn as much as possible. Make sure you are connected to our network using your OpenVPN configuration file.
Credits to Josiah Pierce from Vulnhub.
Answer the questions below
Deploy the machine and connect to our network
Find the services exposed by the machine
What is the name of the hidden directory on the web server(enter name without /)?
User brute-forcing to find the username & password
What is the username?
What is the password?
What service do you use to access the server(answer in abbreviation in all caps)?
Enumerate the machine to find any vectors for privilege escalation
What is the name of the other user you found(all lower case)?
If you have found another user, what can you do with this information?
What is the final password you obtain?
Created by
Room Type
Free Room. Anyone can deploy virtual machines in the room (without being subscribed)!
Users in Room
281,450
Created
2196 days ago
Ready to learn Cyber Security? Create your free account today!
TryHackMe provides free online cyber security training to secure jobs & upskill through a fun, interactive learning environment.
Already have an account? Log in