Today I am gonna write about a CTF machine which is very easy one particularly meant for very beginners.
Bolt is the one of the easiest machines in tryhackme Capture the flag platform. I am only doing free rooms as I don’t have money to buy subscription account to practice more on subscribers only rooms. So let’s start by doing a simple scan after machine is connected.
nmap -sV -sC -sT target-machine-IP
The first question was to which port number web server with a CMS is running? You will get the answer for this from the scan results. After that the next question is to find username and password. you can easily find it by simple crawling across the machine. After you have found the username and password from the crawling you have to login to the CMS. the default login is http://yourdomain.com/bolt. So after you login you can find answer for the 4th question there.
After that it’s time for exploit the machine. search exploit-db or in metasploit using the CMS name you have got. I have gone for metasploit. opened metasploit and then I have used the below thing
the covered part is CMS name. you will get info about exploits and it will satisfies the answer for 5th and 6th questions. ok, now it’s time for setting and exploiting using metasploit. So you have to set your IP accordingly
- LHOST :- inet address you get from ifconfig command
- RHOST :- Target machine IP
- LPORT :- Set whatever
- username :- from answer 2
- password :- from answer 3
ok after setting this run command. It will take a minute and yes you are done now.
You are now root. You got the root flag and you are done. Submit the flag and yeah you got a congrats message.
That’s all about Bolt.
Thank you
Top comments (0)