This room is designed for users to get familiar with the Bolt CMS and how it can be exploited using Authenticated Remote Code Execution. You should wait for at least 3-4 minutes for the machine to start properly.
If you have any queries or feedback you can reach me through the TryHackMe Discord server or through Twitter.
A hero is unleashed
Once you have successfully deployed the VM, enumerate it before finding the flag in the machine.
What is the username we can find in the CMS?
What is the password we can find for the username?
What version of the CMS is installed on the server? (Ex: Name 1.1.1)
There's an exploit for a previous version of this CMS, which allows authenticated RCE. Find it on Exploit DB. What's its EDB-ID?
Metasploit recently added an exploit module for this vulnerability. What's the full path for this exploit? (Ex: exploit/....)
Note: If you can't find the exploit module, it's most likely because your Metasploit isn't updated. Run `apt update`, then `apt install metasploit-framework`.
Look for flag.txt inside the machine.
Room Type: Free Room. Anyone can deploy virtual machines in the room (without being subscribed)!
Users in Room: 23,386
Created: 1830 days ago