Room Banner

Corp Website

lafb2026-e7

medium

60 min

25

User avatar
User avatar
User avatar

To access material, start machines and answer questions login.

Task 1Romance and Co

Set up your virtual environment

To successfully complete this room, you'll need to set up your virtual environment. This involves starting both your AttackBox (if you're not using your VPN) and Target Machines, ensuring you're equipped with the necessary tools and access to tackle the challenges ahead.
Attacker machineMachine info
Status:Off
Target machineMachine info
Status:Off
Romance and Co
From
TryHackMe
To
You
 
Points
200
Category
Web
Difficulty
Medium
My Dearest Hacker,

Valentine's Day is fast approaching, and "Romance & Co" are gearing up for their busiest season.

Behind the scenes, however, things are going wrong. Security alerts suggest that "Romance & Co" has already been compromised. Logs are incomplete, developers defensive and Shareholders want answers now!

As a security analyst, your mission is to retrace the attacker's, uncover how the attackers exploited the vulnerabilities found on the "Romance & Co" web application and determine exactly how the breach occurred.

You can find the web application here: http://MACHINE_IP:3000

Web
With love,
Chief Inspector Valentine 💕
Answer the questions below

What is the user flag?

What is the root flag?

Ready to learn Cyber Security? Create your free account today!

TryHackMe provides free online cyber security training to secure jobs & upskill through a fun, interactive learning environment.

Already have an account? Log in

We use cookies to ensure you get the best user experience. For more information see our cookie policy.