To access material, start machines and answer questions login.
Score updated
Score updated
Set up your virtual environment
To successfully complete this room, you'll need to set up your virtual environment. This involves starting both your AttackBox (if you're not using your VPN) and Target Machines, ensuring you're equipped with the necessary tools and access to tackle the challenges ahead.
Attacker machine
Status:Off
Lab machine
Status:Off
Deploy the machine. Wait 7 minutes for everything to startup.
(go get a cup of java ☕ or something)
Answer the questions below
Target is up. Time to recon...

(root does a body good. pass it on (opens in new tab))
What do lumberjacks and turtles have to do with this challenge?
Hack into the machine. Get root. You'll figure it out.
Answer the questions below
What is the first flag?
What is the "real" root flag?
References used making this room
- Lunasec.io blog post on Log4Shell (opens in new tab)
- Exploiting JNDI Injections in Java (opens in new tab)
- -2021-44228 – Log4j 2 Vulnerability Analysis (opens in new tab)
- Malicious servers are fun. (Come on.... work for it a bit)
Answer the questions below
All your log belong to us.
Ready to learn Cyber Security?
TryHackMe provides free online cyber security training to secure jobs & upskill through a fun, interactive learning environment.
Already have an account? Log in
