Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 22, 80, and 1337 open. From port 80, we learn that WordPress is installed. Exploiting an LFI vulnerability in a plugin, we are able to enumerate the service running on […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 22, 80, and 3000 open. From port 80, we find an archive that we are able to download. After analyzing the archive, we find the secret for the signed JWT […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 80, 135, 445, and 5985 open. Going to the webserver, we are able to authenticate with default credentials, which gives us access to MFP Firmware Update Center. We are able […]