7 aspects to create the best first impression

We all want to make an incredible first impression in parties, at work, at an interview, on a date, you name it. I read a book titled “Modern Etiquette Made Easy” by Myka Meier and I loved this…

Smartphone

独家优惠奖金 100% 高达 1 BTC + 180 免费旋转




Internal

User.txt Flag

add the target ip add to the /etc/hosts

scan for the ports on the target machine:

the HTTP port is open, we can enumerate the web directories:

It’s a WordPress web a login page is there:

View blogs we know there is a user named admin and this is very common:

Open the Burpsuite and intercept the traffic, from here we get the header and login sessions:

use hydra to brute-force the password:

the password for admin account is:

my2boys

Alternatively, wpscan can be used for brutal force breaking as well:

we can now log in as the admin, here we go:

direct to the Apperance — theme editor — 404 Template

Paste the pentestMonkey reverse shell to the 404.php:

start a listener on your local terminal the port should be the same port you set on your reverse shell:

navigate to the following URL on your web browser:

you now access to the system, direct to the /opt you will find an interesting text file which contains information of aubrenna credentials:

before login to aubreanna account, import the python stabilizer:

bubb13guM!@#123

Root.txt Flag

Time to do the vertical penetration:

In Aubraenna root directory we have a file Jenkins.txt:

It’s telling us the Jenkins docker service is running on 172.17.0.2 port 8080:

check the IP addr configurations we have a docker running on 172.17.0.1:

Use ssh to forward jenkins IP to the attacking terminal:

on your attacking machine web browser access to jenkins:

we need to brute force again:

we will soon get the password for the admin account:

spongebob

successfully log in:

Click on the Manage Jenkins and click on the script console at the bottom:

Paste the groovy/java reverse shell to the script console:

Before you run the script, start a listener, then you will access to jenkins as the admin:

direct to /opt and print note.txt:

the

the root credentials:

root:tr0ub13guM!@#123

Add a comment

Related posts:

How to grow emotional intelligence ?

Developing emotional intelligence is an ongoing process that involves self-reflection, self-awareness, and practice. Here are some steps you can take to grow your emotional intelligence: Remember…

Introduction to Database for kids

My name is Michelle Green-Okoroh and for the past one year I have been studying web development using tools such as Flask and Thunkable. During that period of time I have made over 40 mini-websites…

Drone Photography and Videography

Our Earth is a beautiful masterpiece and man has always put in efforts to explore it in fascinating ways. Man’s curiosity to view world differently led to inventions and one such invention has been…