Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 22 and 80 open. From the webserver, we find a subdomain through source code analysis. Doing some research on the platform we found on the subdomain, we learn that it […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 21, 22, and 80 open. From the web server, we find a Server-Side Request Forgery (SSRF) vulnerability. Using the SSRF vulnerability, we are able to enumerate the web server, and […]
Jump Ahead: Enum – User – Root TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 22 and 80 open. From the webserver, we are able to bypass server redirects, which allow us to access the admin portal. From the admin portal, we can create an admin user. […]