search

Shield

Personal Rating: Easy

hashtag
Enumeration

Running the initial nmap scan revealed two open ports:

sudo nmap -v <IP>

Discovered open port 3306/tcp on 10.10.10.29
Discovered open port 80/tcp on 10.10.10.29

It was a wordpress site. I found http://10.10.10.29/wordpress/wp-admin/arrow-up-right

I attempted injections with sqlmap, fuzzed the site with dirb and ran more nmap scans, not knowing yet how to properly enumerate wordpress specifically.

hashtag
Password Guessing

After checking the walkthrough since I got stuck, I knew that the password of another Box was needed to log into the wordpress admin portal, which was very disappointing. So realistically, the only way would be bruteforce here.

Later I learned about Wordpress enumeration and exploits, which might also have worked here.

PreviousResponderNextUnified

Last updated