We all want to make an incredible first impression in parties, at work, at an interview, on a date, you name it. I read a book titled “Modern Etiquette Made Easy” by Myka Meier and I loved this…
add the target ip add to the /etc/hosts
scan for the ports on the target machine:
the HTTP port is open, we can enumerate the web directories:
It’s a WordPress web a login page is there:
View blogs we know there is a user named admin and this is very common:
Open the Burpsuite and intercept the traffic, from here we get the header and login sessions:
use hydra to brute-force the password:
the password for admin account is:
my2boys
Alternatively, wpscan can be used for brutal force breaking as well:
we can now log in as the admin, here we go:
direct to the Apperance — theme editor — 404 Template
Paste the pentestMonkey reverse shell to the 404.php:
start a listener on your local terminal the port should be the same port you set on your reverse shell:
navigate to the following URL on your web browser:
you now access to the system, direct to the /opt you will find an interesting text file which contains information of aubrenna credentials:
before login to aubreanna account, import the python stabilizer:
bubb13guM!@#123
Root.txt Flag
Time to do the vertical penetration:
In Aubraenna root directory we have a file Jenkins.txt:
It’s telling us the Jenkins docker service is running on 172.17.0.2 port 8080:
check the IP addr configurations we have a docker running on 172.17.0.1:
Use ssh to forward jenkins IP to the attacking terminal:
on your attacking machine web browser access to jenkins:
we need to brute force again:
we will soon get the password for the admin account:
spongebob
successfully log in:
Click on the Manage Jenkins and click on the script console at the bottom:
Paste the groovy/java reverse shell to the script console:
Before you run the script, start a listener, then you will access to jenkins as the admin:
direct to /opt and print note.txt:
the root credentials:
root:tr0ub13guM!@#123
Developing emotional intelligence is an ongoing process that involves self-reflection, self-awareness, and practice. Here are some steps you can take to grow your emotional intelligence: Remember…
My name is Michelle Green-Okoroh and for the past one year I have been studying web development using tools such as Flask and Thunkable. During that period of time I have made over 40 mini-websites…
Our Earth is a beautiful masterpiece and man has always put in efforts to explore it in fascinating ways. Man’s curiosity to view world differently led to inventions and one such invention has been…