Harry Potter Part I: Aragog

  • HTTP leveraging wordpress
  • Feroxbuster, wpscan
  • Searchsploit
  • Msfvenom and Metasploit
  • Process Spy (pspy)
Starting the box
  • wordpress has some database connections, so there may be a password
  • mysql is running on the box
  • there is a weird file in /opt/.backup.sh
  • dbpass and dbuser are listed in plain text
Wordpress database
Running john the ripper
Lateral movement to hagrid98
temporary copies
pspy64s output
our file was moved
Gaining root

--

--

--

Cyber Enthusiast and sharing some knowledge in a systematic way

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Chrome 68 is out, all HTTP sites will now be marked “Not Secure”

What happens when you type google.com in your browser and press Enter

URL Bar Spoofing in Safari for iOS 12.3 and iOS 13 Beta | CVE-2019–8727

Introducing Crypto Forks

You may lose access to some of your third-party apps (google)

Kineo.ai is supporting the German government’s #WirVsVirus hackathon

Ubicomp Security: A Proposal for a Study of Current Ubicomp Products

A Reminder About Privacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
ArtilleryRed

ArtilleryRed

Cyber Enthusiast and sharing some knowledge in a systematic way

More from Medium

VirtualBox Metasploitable 2 Setup

Using Octoprint on Rapberry Pi w/ WPA2 Enterprise

Log4sHell: Impact and Remediation Steps

The Tale of a Click leading to RCE