Comment on page
[Day 3] Christmas Blackout
{Web Exploitation = Content Discovery}
Accessing the site reveals a login form as shown below.
Since there was no attack vector via the main page, I scanned the web directory for hidden directories with the command below.
gobuster dir -u http://10.10.11.109/ -e -w /usr/share/wordlists/dirb/common.txt -t 100 -x .php,.txt,.html,.cnf,.conf | tee gobuster.log
While running that, I noticed a URL
10.10.11.109/admin with a redirect status code.
Using a common wordlist for discovering content, enumerate http://10.10.11.109 to find the location of the administrator dashboard. What is the name of the folder?
- admin
10.10.11.109/admin/ returned the following.
Trying
administrator:administrator logged me into the admin portal and revealed the flag!In your web browser, try some default credentials on the newly discovered login form for the "administrator" user. What is the password?
- administrator
Access the admin panel. What is the value of the flag?
- THM{ADM1N_*****}
Last modified 1yr ago