Web Penetration Testing: Finding Hidden Directories on TryHackMe


 

Overview

Entering the world of cybersecurity is not about immediately breaching complex systems; it's about adopting the attacker's mindset. In this article, I will document my process of completing the Offensive Security Intro module on TryHackMe. We will explore how a minor flaw in a web directory structure can become a fatal entry point for a banking system.

  • Target: http://fakebank.thm
  • Objective: Identify hidden directories and simulate a transaction manipulation.
  • Methodology: Reconnaissance, Enumeration, and Exploitation.

Prerequisites & Tool

Before diving in, it is essential to understand the core concepts used in this lab:

  • Concepts: Brute Force, Reconnaissance, Enumeration, and Exploitation.
  • Environment: Linux Terminal
  • Tool: dirb

Phase 1: Lab Preparation

Preparation is the foundation of any successful penetration test.

  1. Click View Site to launch the virtual laboratory.
  2. Ensure you are accessing the target site http://fakebank.thm.



[Figure: TryHackMe dirb scan results for fakebank.thm]


Phase 2: Searching for Hidden Pages

The bank's landing page may appear secure with high-level encryption. However, security is only as strong as its weakest link. In this scenario, the administrator left a "hidden" page accessible to the public.

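To find it, we use dirb, a web content scanner. It performs a wordlist-based brute-force attack against the web server: it requests each entry in the wordlist as a path and reports the ones the server answers, which is how hidden directories and files are found.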

dirb [target link]

After running the scan, look for lines marked with a +. These indicate discovered directories. In this lab, the scanner reveals a sensitive path.



Phase 3: Exploitation

Once the hidden directory is discovered, the final phase is Exploitation. By navigating to the /bank-transfer page, we bypass the standard user interface and gain access to an administrative portal.




Following the lab instructions, I performed a manual transaction manipulation. This simple act of finding an unprotected page allowed for a complete bypass of the bank's intended security flow, eventually revealing the hidden Flag.


Key Takeaways

This simulation highlights a critical lesson in Operational Security (OpSec):

  • Security through obscurity is not security. Just because a link is not visible on the homepage does not mean it's hidden from attackers.
  • Proper Access Control and directory permissions are just as important as encryption.
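Seen from the server side, the wordlist scan from Phase 2 leaves a clear trace in the access log: one client requesting many paths that do not exist, with the occasional hit. The following detection sketch is an added example, not part of the lab or of TryHackMe's material; the function name, thresholds, Common Log Format input and sample addresses are assumptions.

```python
import re
from collections import defaultdict

# Common Log Format: client, request line and status are all we need.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD) (\S+)[^"]*" (\d{3})\b')

def find_scanners(log_text, min_misses=5, miss_ratio=0.8):
    """Map each client that looks like a wordlist scanner to the paths it found.

    A client is flagged when it requested at least `min_misses` distinct
    paths that returned 404 and at least `miss_ratio` of its requests were
    404s. Both thresholds are assumptions to tune per site.
    """
    missed = defaultdict(set)             # client -> distinct paths answered 404
    found = defaultdict(set)              # client -> paths answered 2xx/3xx
    counts = defaultdict(lambda: [0, 0])  # client -> [requests, 404s]
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that are not in the expected format
        client, path, status = m.group(1), m.group(2), int(m.group(3))
        counts[client][0] += 1
        if status == 404:
            counts[client][1] += 1
            missed[client].add(path)
        elif status < 400:
            found[client].add(path)
    return {
        client: sorted(found[client])
        for client, (total, n404) in counts.items()
        if len(missed[client]) >= min_misses and n404 / total >= miss_ratio
    }

# Constructed sample log: addresses, timestamps and most paths are made up;
# /bank-transfer is the path named in this article.
def _entry(client, path, status):
    return f'{client} - - [01/Jan/2025:10:00:00 +0000] "GET {path} HTTP/1.1" {status} 512'

WORDS = ["admin", "backup", "bank-transfer", "cgi-bin", "config", "login.php", "test"]
SAMPLE_LOG = "\n".join(
    [_entry("192.0.2.10", p, 200) for p in ("/", "/login", "/account")]
    + [_entry("192.0.2.10", "/favicon.ico", 404)]
    + [_entry("192.0.2.99", "/" + w, 200 if w == "bank-transfer" else 404) for w in WORDS]
)

if __name__ == "__main__":
    for client, paths in find_scanners(SAMPLE_LOG).items():
        print(f"{client}: enumeration pattern; paths that answered: {paths}")
```

The paths listed for a flagged client are the ones to review first: each should either require authentication and authorization on the server or not be deployed at all.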

As my first step into Offensive Security, this lab was a powerful reminder that hackers don't always "break" the door; sometimes they just find the one that was left unlocked.




