Bolt

A hero is unleashed

easy

45 min

Task 1: Deploy the machine

This room is designed for users to get familiar with the Bolt CMS and how it can be exploited using Authenticated Remote Code Execution. You should wait for at least 3-4 minutes for the machine to start properly.

If you have any queries or feedback you can reach me through the TryHackMe Discord server or through Twitter.

Answer the questions below
Start the machine

A hero is unleashed

Once you have successfully deployed the VM, enumerate it before finding the flag in the machine.

Answer the questions below
What port number has a web server with a CMS running?

What is the username we can find in the CMS?

What is the password we can find for the username?

What version of the CMS is installed on the server? (Ex: Name 1.1.1)

There's an exploit for a previous version of this CMS, which allows authenticated RCE. Find it on Exploit DB. What's its EDB-ID?

Metasploit recently added an exploit module for this vulnerability. What's the full path for this exploit? (Ex: exploit/....)

Note: If you can't find the exploit module, it's most likely because your Metasploit isn't updated. Run `apt update`, then `apt install metasploit-framework`.

Set LHOST, LPORT, RHOST, USERNAME and PASSWORD in msfconsole before running the exploit.

Look for flag.txt inside the machine.

Room Type

Free Room. Anyone can deploy virtual machines in the room (without being subscribed)!

Users in Room

23,386

Created

1830 days ago
