Offensive Security Intro

Hack your first website (legally in a safe environment) and experience an ethical hacker's job.

easy

10 min

Task 1: Think like a Hacker!

Offensive Security is about thinking like an attacker to find weaknesses before real hackers do.

In this room, you'll hack your first website in a safe and legal environment to see how ethical hackers operate.

Answer the questions below

Which term describes simulating a hacker's actions to find system vulnerabilities?

Offensive Security

Defensive Security

This room uses a virtual desktop to simulate a real system.

A fake banking application called FakeBank will launch. When the lab loads, you'll see the banking application running in your browser.

Answer the questions below

What is the bank account number shown in the FakeBank application?

Find a weakness in the FakeBank website. One common mistake is leaving hidden pages accessible. We'll look for those.

Inside the VM terminal, copy and paste the dirb command below and wait for it to finish. Any lines from the output that start with + are pages that have been found. Dirb will find two URLs.

dirb http://fakebank.thm
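
From the defender's side, a dirb run like the one above shows up in the web server's access log as a burst of 404 responses to one client. The following is an added example, not part of the original room: the log lines, IP addresses, thresholds and function names are constructed for illustration. It flags such clients and lists which paths answered 200 for them.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Common log format: ip ident user [time] "METHOD path proto" status size
LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
WINDOW = timedelta(seconds=60)  # assumed tuning values, adjust per site
MIN_404 = 5

def parse(line):
    m = LINE.match(line)
    if not m:
        return None  # skip lines that are not in the expected format
    ip, ts, _method, path, status = m.groups()
    return ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), path, int(status)

def find_scanners(lines):
    """Return {client_ip: sorted paths that answered 200} for every client that
    requested MIN_404 or more distinct missing paths inside one WINDOW."""
    by_ip = defaultdict(list)
    for rec in filter(None, map(parse, lines)):
        by_ip[rec[0]].append(rec[1:])
    flagged = {}
    for ip, hits in by_ip.items():
        hits.sort(key=lambda h: h[0])
        misses = [(t, p) for t, p, s in hits if s == 404]
        for i, (start, _) in enumerate(misses):
            in_window = {p for t, p in misses[i:] if t - start <= WINDOW}
            if len(in_window) >= MIN_404:
                # What the enumeration actually reached is what needs review.
                flagged[ip] = sorted({p for _, p, s in hits if s == 200})
                break
    return flagged

# Constructed sample: one ordinary visitor, one client walking a wordlist.
WORDS = ["admin", "backup", "config", "images", "login", "old", "bank-transfer", "test"]
SAMPLE = [
    '198.51.100.7 - - [01/Jan/2025:10:00:01 +0000] "GET / HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jan/2025:10:00:02 +0000] "GET /favicon.ico HTTP/1.1" 404 210',
] + [
    '192.0.2.10 - - [01/Jan/2025:10:01:%02d +0000] "GET /%s HTTP/1.1" %d 300'
    % (i, w, 200 if w in ("images", "bank-transfer") else 404)
    for i, w in enumerate(WORDS)
]

if __name__ == "__main__":
    for ip, found in find_scanners(SAMPLE).items():
        print(ip, "enumerated paths; reachable:", found)
```

Every path reported as reachable needs a server-side authorization check; leaving a page unlinked does not protect it.
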
Answer the questions below

Dirb found one URL, http://fakebank.thm/images.
What is the other hidden URL?

You should now have found a hidden admin panel that lets you add money to your account.

Inside the VM browser, copy and paste the URL below and deposit $2000 into "Account No. 8881".

http://fakebank.thm/bank-transfer
Answer the questions below

When your balance turns positive, a pop-up with green text appears.

Enter the green words as the answer (ALL CAPS)