Impact-Site-Verification: e2c772ea-46bd-4ca0-ac02-a96f8bbaf987

Intro to Offensive Security is the first room of Jr Penetration Tester learning path, on TryHackMe. Today, we'll learn how to solve Intro to Offensive Security's Task #2 Hacking your first machine.

What do we do?
Open the terminal and type the command gobuster -u hxxp[://]fakebank[.]com -w wordlist.txt dir

*please note the URL defanging is on purpose

💡Be careful, that the wordlist itself shall be in the same path where you run the command from, otherwise the whole path has to be written (e.g: /usr/share/wordlists/rockyou.txt)

Two hidden pages are listed: /images and /bank-transfer. The one useful for this challenge is /bank-transfer.

In the URL bar, we're typing fakebank.com/bank-transfer. Then, we send 2000$ from the bank account 2276 to 8881 (your account number).

And, that's it! We are richer in answers and knowledge!