Posts

(HTB) October Walkthrough

Image
Name: October IP : 10.10.10.16 OS – Linux VM Author: ch4p Writeup Author: Teck_K2 Nmap result Port 80 is open, Let’s access the web page By accessing the web I got to know that the target machine is using October CMS which is an open source self-hosted CMS platform based on the Laravel PHP framework. In the account section we can Signup and access the app but it is of no use. Now run the dirb and nikto tool and google some available exploit on October CMS Unfortunately I coundn’t find anything useful in the google and Nikto result but I found something useful. But In the Dirb result I found something useful which is /backend page with code:302 which means it will redirect us to somewhere else. Let’s open this in the browser. By accessing the link I got redirected to the Administrative area. Now we have the login page in front of us, we can do bruteforce attack, SQL-injection, etc.. Let’s try some manual brute-forcing. Let's try with (admin:password) It’s sh
1 comment
Read more

(HTB) Arctic Walkthrough

Image
Name: Arctic IP : 10.10.10.11 OS – Windows VM Author: ch4p Writeup Author: Teck_K2 Nmap result First, try to find the exploit which is available for the particular services running on the target machine, I tried to find but couldn't find any exploit regarding MSRPC no we will jump to FMTP In the Port :8500 We can see there are two directories try to open both in new tabs Now Open all the subdirectories maybe we could find something interesting I n the sub-directory /cfdocs I found there is a cold fusing version 8 running If you see error something like this then don't worry because ColdFusion only allow 2 person at a time and if someone didn't sign out it will keep his session open, So just reset the machine and you are good to go. This blog maybe be helpful to understand cold fusion https://jumpespjump.blogspot.co.uk/2014/03/attacking-adobe-coldfusion.html In the above blog as describe to get the password hash didn’t work for
Post a Comment
Read more