THM | Basic Pentesting

Basic Computer Exploitation | Basic Pentesting | Summary:

This series of walkthroughs aims to help out complete beginners with finishing the Complete Beginner path on the TryHackMe website. It is based on the learning content provided in the Basic Pentesting room.

---

Disclaimer: Please note that this write-up is NOT intended to replace the original room or its content, but rather serve as supplementary material for those who are stuck and need additional guidance.

Task | 1 | Web App Testing and Privilege Escalation

Question 1: Deploy the machine and connect to our network

No answer needed

Question 2: Find the services exposed by the machine

No answer needed

Question 3: What is the name of the hidden directory on the web server(enter name without /)

development

Question 4: User brute-forcing to find the username & password

No answer needed

Question 5: What is the username?

jan

Question 6: What is the password?

armando

Question 7: What service do you use to access the server(answer in abbreviation in all caps)?

SSH

Question 8: Enumerate the machine to find any vectors for privilege escalation

No answer needed

Question 9: What is the name of the other user you found(all lower case)?

kay

Question 10: If you have found another user, what can you do with this information?

No answer needed

Question 11: What is the final password you obtain?

heresareallystrongpasswordthatfollowsthepasswordpolicy$$