Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we exploit an SQLi vulnerability on the CMS-created website hosted at /writeup to dump and crack credentials. Using the credentials, we are able to SSH into the machine, where we then get user.txt. Observing processes, we see that each time someone […]
Jump Ahead: Enum – Initial Access – User – Root – Resources TL;DR; To complete this machine, we start by enumerating open ports and see that ports 22 and 80 are open. Going to the webserver, we are presented with Magento – a type of online store. Researching this application, we find a Remote Code […]
Jump Ahead: Enum – Getting an auth token – Root – Resources TL;DR; To solve this machine, we begin by enumerating all open ports. We see there is FTP, SSH, and 3 web servers running. After enumerating port 80, we find config.php and /management. config.php contains what appears to be database credentials, and /management is […]