This content originally appeared on DEV Community and was authored by a.infosecflavour
Intro to Offensive Security is the first room of Jr Penetration Tester learning path, on TryHackMe. Today, we’ll learn how to solve Intro to Offensive Security’s Task #2 Hacking your first machine.
What do we do?
Open the terminal and type the command gobuster -u hxxp[://]fakebank[.]com -w wordlist.txt dir
*please note the URL defanging is on purpose
Be careful, that the wordlist itself shall be in the same path where you run the command from, otherwise the whole path has to be written (e.g: /usr/share/wordlists/rockyou.txt)
Two hidden pages are listed: /images and /bank-transfer. The one useful for this challenge is /bank-transfer.
In the URL bar, we’re typing fakebank.com/bank-transfer. Then, we send 2000$ from the bank account 2276 to 8881 (your account number).
And, that’s it! We are richer in answers and knowledge!
This content originally appeared on DEV Community and was authored by a.infosecflavour