Room Banner

Nax

Identify the critical security flaw in the most powerful and trusted network monitoring software on the market, that allows an user authenticated execute remote code execution.

medium

75 min

Room progress ( 0% )

To access material, start machines and answer questions login.

Task 1Flag

Are you able to complete the challenge?
The machine may take up to 5 minutes to boot and configure
Note: This room requires Metasploit 6.
Answer the questions below

What hidden file did you find?

Who is the creator of the file?

If you get an error running the tool on your downloaded image about an unknown ppm format -- open it with gimp or another paint program and export to ppm format, and try again!

What is the username you found?

What is the password you found?

What is the CVE number for this vulnerability? This will be in the format: CVE-0000-0000

Now that we've found our vulnerability, let's find our exploit. For this section of the room, we'll use the Metasploit module associated with this exploit. Let's go ahead and start Metasploit using the command `msfconsole`.

After Metasploit has started, let's search for our target exploit using the command 'search applicationame'. What is the full path (starting with exploit) for the exploitation module?

Compromise the machine and locate user.txt

Locate root.txt

Created by

Room Type

Free Room. Anyone can deploy virtual machines in the room (without being subscribed)!

Users in Room

15,595

Created

1940 days ago

Ready to learn Cyber Security? Create your free account today!

TryHackMe provides free online cyber security training to secure jobs & upskill through a fun, interactive learning environment.

Already have an account? Log in

We use cookies to ensure you get the best user experience. For more information contact us.

Read more