Web Application Security

    • When you've transferred money to your account, go back to your bank account page. What is the answer shown on your bank balance page? 

    The web bank app is:


    Using gobuster to list the available directories:

    ubuntu@tryhackme:~/Desktop$ gobuster -u http://fakebank.com -w wordlist.txt 

    =====================================================
    Gobuster v2.0.1 OJ Reeves (@TheColonial)
    =====================================================
    [+] Mode : dir
    [+] Url/Domain : http://fakebank.com/
    [+] Threads : 10
    [+] Wordlist : wordlist.txt
    [+] Status codes : 200,204,301,302,307,403
    [+] Timeout : 10s
    =====================================================
    2022/05/02 17:42:49 Starting gobuster
    =====================================================
    /images (Status: 301)
    /bank-transfer (Status: 200)
    =====================================================
    2022/05/02 17:42:58 Finished
    =====================================================

    We found a page for transferring money:


    Transfer $2000 from account 2276 to our account (8881):



    Then checking our account again:



    Answer: BANK-HACKED
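    The hidden /bank-transfer page moved money out of account 2276 without checking who asked for it. As an added illustration (not code from the room or from TryHackMe), here is a minimal model of such a handler next to a hardened version that requires a logged-in session and checks that the caller owns the source account; the Bank and Session classes and the starting balances are constructed for the example, only the account numbers come from the room.

```python
from typing import Dict, FrozenSet, Optional


class Session:
    # user=None models the anonymous browser session that reached /bank-transfer.
    def __init__(self, user: Optional[str], accounts: FrozenSet[int] = frozenset()):
        self.user = user
        self.accounts = accounts  # account numbers this user is allowed to debit


class Bank:
    def __init__(self, balances: Dict[int, int]):
        self.balances = dict(balances)

    def transfer_vulnerable(self, session: Session, src: int, dst: int, amount: int) -> int:
        # Mirrors the hidden page: it validates the amount but never asks who is calling.
        if amount <= 0 or self.balances.get(src, 0) < amount:
            raise ValueError("bad amount")
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount
        return self.balances[dst]

    def transfer_hardened(self, session: Session, src: int, dst: int, amount: int) -> int:
        # Authenticate, then authorize on the *source* account: the caller picks dst
        # freely, so ownership has to be proven for src, not dst.
        if session.user is None:
            raise PermissionError("login required")
        if src not in session.accounts:
            raise PermissionError("caller does not own source account")
        if src not in self.balances or dst not in self.balances:
            raise ValueError("unknown account")
        if amount <= 0 or self.balances[src] < amount:
            raise ValueError("bad amount")
        self.balances[src] -= amount
        self.balances[dst] += amount
        return self.balances[dst]


def demo() -> dict:
    # Replay the room's request (2000 from 2276 to 8881) as an anonymous user;
    # the balances are constructed sample values.
    anon = Session(user=None)
    results = {}
    results["vulnerable"] = Bank({2276: 5000, 8881: 0}).transfer_vulnerable(anon, 2276, 8881, 2000)
    try:
        Bank({2276: 5000, 8881: 0}).transfer_hardened(anon, 2276, 8881, 2000)
        results["hardened"] = "allowed"
    except PermissionError as exc:
        results["hardened"] = str(exc)
    return results
```

The hardened handler also rejects a logged-in user who owns 8881 but not 2276, which is the check the room's page was missing.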

    • If you were a penetration tester or security consultant, this is an exercise you’d perform for companies to test for vulnerabilities in their web applications; find hidden pages to investigate for vulnerabilities.

    No Answer.

    • Terminate the machine by clicking the red "Terminate" button at the top of the page.

    No Answer.

    • Read the above. 

    No Answer.

    • Read the above, and continue with the next room!

    No Answer.