Offensive-Ethical-Hacking_101

EH-using-GoBuster

This is an exercise and for ethical hacking training purposes only

No bank accounts were hacked

All images and copyrights are protected for TryHackMe

Description

Project: Hacking into a fake bank account to steal money using a virtual machine. Objective: Transferring money from the fake bank account to the hacker account Techniques used: command line to a brute-force attack.

Tools/ Utilities Used

• Virtual Machine
• Firefox
• commandline

Environments Used

• Kali Linux (21H2)

Attack walk-through:

We start with the hacker bank account in negative

!

Launch the virtual machine:
Start the command line and type gobuster -u http://fakebank.com -w wordlist.txt dir

This command will find pages that exist on the site. it is /bank-transfer that allows to transfer between accounts You know it is the page indicated by status :200

When launching the page by adding bank-transfer to the fakebank.com URL an admin portal is open and for the project purpose, we can transfer from one bank account to another. The results will be amazing as the hacker's negative account is positive again after the transfer!

Finally, this was an example to show how hackers can find vulnerabilities in a system, and as a red team ethical hacker, you can mock their techniques.

To learn cybersecurity and more please visit: https://tryhackme.com/