Skip to main content

Posts

Featured

TryHackMe CTF: Ignite

  TryHackMe CTF: Ignite Today, I will be writing on the easy-rated TryHackMe CTF machine "Ignite" First off, let's go ahead and add this box to our hosts file And off we go for our Nmap scan to see what ports we have open Alright, so it looks like we only have one open port and it's hosting a web-server running Fuel CMS. Let's go check it out Okay, so a fresh install of Fuel CMS Version 1.4. We can go ahead and look up some vulnerabilities for this version. In the meantime, if you go back to our Nmap results, it referenced a found directory called "/fuel" so let's head there.  So we can see it takes us to a login page. If you read through the text in the main page, it provides default credentials, so I figured I'd give them a shot and voila, we got in. That was easy Let's go ahead and enumerate the pages on this admin dashboard to see if we have any options to upload (Saw a few RCE vulnerabilities on Exploit-db) and it looks like the Assets p

Latest Posts

TryHackMe CTF: LazyAdmin