OP 20 November, 2023 - 09:41 PM
(This post was last modified: 20 November, 2023 - 09:43 PM by iLoveNuggets.)
Let's learn together
Learn how TryHackMe can help you become a hacker.
https://tryhackme.com/room/becomeahackeroa
Task 1 :
What is Offensive Security?
In short, offensive security is the process of breaking into computer systems, exploiting software bugs, and finding loopholes in applications to gain unauthorized access to them.
To beat a hacker, you need to behave like a hacker, finding vulnerabilities and recommending patches before a cybercriminal does, as you'll do in this room!
On the flip side, there is also defensive security, which is the process of protecting an organization's network and computer systems by analyzing and securing any potential digital threats; learn more in the digital forensics room.
In a defensive cyber role, you could be investigating infected computers or devices to understand how it was hacked, tracking down cybercriminals, or monitoring infrastructure for malicious activity.
Which of the following options better represents the process where you simulate a hacker's actions to find vulnerabilities in a system?
- Offensive Security
- Defensive Security
--------------------------------------------------------------------------------------
Task 2
Let's Hack - Part 1 of 2
This is your first ethical hacking exercise. Not only will you learn about ethical hacking, where you will hack a test website, but you’ll also learn about how the TryHackMe platform works. To get started and follow along, click the “View Site” button in the upper right corner of this task to access the web application.
After months of working on his business idea, Mike was finally ready to launch the website! He had spent much time and effort creating a great product and was confident that people would love it.
However, Mike was also nervous about the potential for cyber threats. He knew that businesses of all sizes were being hacked every day, and he did not want to be a victim. You get a call asking you to assess his web application and see if you can spot any weaknesses. In particular, he is concerned that the software development team might have forgotten some private pages exposed to the public. He hopes you can find them before he goes public and the bad guys find them and wreak havoc.
Are you ready to help Mike? If you haven’t done so already, click on the “View Site” button in the upper right corner of this task to access the web application. (If you don’t see the “View Site” button, you might need to scroll up.)
In the upper right half, you can see a simulated browser window showing http://www.onlineshop.thm, as shown in the figure above. You can interact with the address bar.
We can run many security tests, but first, let’s see if we can discover any hidden pages. Here are some pages we can try:
- sitemap (In other words, we use the embedded browser to check if http://www.onlineshop.thm/sitemap exists.)
- mail (As you guessed, we check if http://www.onlineshop.thm/mail exists.)
- login
- register
- admin
(Optional) Using an Automated Tool: Gobuster
Changing the browser’s address bar is helpful if the list of pages you want to try is limited. What should we do if we have hundreds or thousands of words to try? We need to use an automated tool. A solid tool to automatically search for hidden pages is Gobuster, which runs in the terminal. In the terminal, in the lower right, we need to issue the following command:
gobuster dir --url http://www.onlineshop.thm/ -w /usr/share/wordlists/dirbuster/directory-list.txt
The command above is made up of the following parts:
- gobuster is the terminal command to start Gobuster
- dir uses directory and file enumeration mode
- --url http://www.onlineshop.thm/ sets the target website
- -w /usr/share/wordlists/dirbuster/directory-list.txt specifies the word list to use
If you made it this far, congratulations, you have just discovered the hidden page using two different approaches!
What is the name of the hidden web page you discovered?
THE ANSWER IS : LOGIN
-----------------------------------------------------------
Let's hack part 2
TASK 3
In Task 1, we discovered a hidden page that allows registered users to sign in. If we can figure out the username and password, we may gain access to some private sections of the web application!
One of the most common usernames is admin. We will start our attack using admin as the username and try to guess the password. Try to log in using the username admin and one of the common passwords listed below:
- abc123
- 123456
- qwerty
- password
- 654321
Were you able to find the password and log in successfully? One of the above passwords should work with the username admin and give you access to a secret page.
Using an Automated Tool: Hydra
We could do this task manually, as we only had to go through five passwords. But what if we have to go through thousands or tens of thousands of passwords? In that case, we can use a software tool such as Hydra. In the terminal, on the lower right, let’s run the following command:
hydra -l admin -P passlist.txt www.onlineshop.thm http-post-form "/login:username=^USER^&password=^PASS^:F=incorrect" -V
The command above is made up of the following parts:
- hydra is the terminal command to start Hydra
- -l admin attempts to log in using the username admin
- -P passlist.txt specifies the password list to try
- www.onlineshop.thm sets the target website
- http-post-form indicates that this is an HTTP POST request form
- "/login:username=^USER^&password=^PASS^:F=incorrect" specifies the shape of the HTTP POST request and how to check if the login credentials are incorrect
- -V is used for verbose output
You do not have to worry about all the command arguments above; it is more straightforward than it appears. For now, we need to copy and paste the command above in the terminal in the lower right and watch Hydra find a valid password for us.
Log in using the password you discovered if you have not done that already.
If you have made it this far, congratulations, you have just hacked an insecure web application!
THE ANSWER IS : born_to_be_a_hacker
------------------------------------
Careers in Cyber Security
TASK 4 LAST ONE
How can I start learning?
People often wonder how others become hackers (security consultants) or defenders (security analysts fighting cybercrime), and the answer is simple. Break it down, learn an area of cyber security you're interested in, and regularly practice using hands-on exercises. Build a habit of learning a little bit each day on TryHackMe, and you'll acquire the knowledge to get your first job in the industry.
Trust us; you can do it! Just take a look at some people who have used TryHackMe to get their first security job:
- Paul went from a construction worker to a security engineer. https://tryhackme.com/r/resources/blog/construction-worker-to-security-engineer-how-paul-used-tryhackme-to-land-his-first-job-in-security
- Kassandra went from a music teacher to a security professional. https://tryhackme.com/r/resources/blog/the-teacher-becomes-the-student
- Brandon used TryHackMe while at school to get his first job in cyber. https://tryhackme.com/r/resources/blog/brandons-success-story
What careers are there?
The cyber careers room goes into more depth about the different careers in cyber. However, here is a short description of a few offensive security roles:
- Penetration Tester - Responsible for testing technology products for finding exploitable security vulnerabilities.
- Red Teamer - Plays the role of an adversary, attacking an organization and providing feedback from an enemy's perspective.
- Security Engineer - Design, monitor, and maintain security controls, networks, and systems to help prevent cyberattacks.
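Added example, not part of the original post or the TryHackMe room: how the two automated steps in the walkthrough above (the Gobuster word-list scan and the Hydra run against /login) look from the defender's side in a web server access log, and a small detector for both. Assumptions: the server writes combined-format access logs, the thresholds and function names are illustrative, and the log lines are constructed with documentation-range IP addresses.

```python
import re
from collections import defaultdict

# Combined log format: ip ident user [time] "METHOD path proto" status bytes
LINE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
                  r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+')

def detect(log_lines, max_404_paths=20, max_login_posts=10, login_path="/login"):
    """Return {ip: set(findings)} for clients that look like automated guessing."""
    missing = defaultdict(set)      # ip -> distinct paths answered with 404
    login_posts = defaultdict(int)  # ip -> number of POSTs to the login form
    for line in log_lines:
        m = LINE.match(line)
        if not m:
            continue  # ignore lines that are not in the expected format
        ip, path = m["ip"], m["path"].split("?", 1)[0]
        if m["status"] == "404":
            missing[ip].add(path)
        # A failed login may still return 200 (the form only shows an error
        # message), so count attempts instead of relying on status codes.
        if m["method"] == "POST" and path == login_path:
            login_posts[ip] += 1
    findings = defaultdict(set)
    for ip, paths in missing.items():
        if len(paths) > max_404_paths:
            findings[ip].add("directory-enumeration")
    for ip, count in login_posts.items():
        if count > max_login_posts:
            findings[ip].add("password-guessing")
    return dict(findings)

def constructed_sample():
    """Constructed log lines (not captured traffic)."""
    ts = "[20/Nov/2023:21:41:00 +0000]"
    fmt = '{ip} - - {ts} "{m} {p} HTTP/1.1" {s} 512'
    # An ordinary visitor: one page view, one login, one missing file.
    lines = [fmt.format(ip="192.0.2.10", ts=ts, m="GET", p="/", s=200),
             fmt.format(ip="192.0.2.10", ts=ts, m="POST", p="/login", s=200),
             fmt.format(ip="192.0.2.10", ts=ts, m="GET", p="/favicon.ico", s=404)]
    # Word-list scan: many distinct missing paths, then a hit on /login.
    lines += [fmt.format(ip="198.51.100.7", ts=ts, m="GET", p=f"/word{i}", s=404)
              for i in range(40)]
    lines.append(fmt.format(ip="198.51.100.7", ts=ts, m="GET", p="/login", s=200))
    # Password list run against the login form.
    lines += [fmt.format(ip="203.0.113.5", ts=ts, m="POST", p="/login", s=200)
              for _ in range(25)]
    return lines

if __name__ == "__main__":
    for ip, found in sorted(detect(constructed_sample()).items()):
        print(ip, sorted(found))
```

The counters here cover the whole input; in production the same counts would be kept per time window and paired with rate limiting or lockout on the login form.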
This is a bump