Contra

link

synx
Members 3 posts

Feb. 25, 2019, 7:34 p.m. Feb. 25, 2019, 7:34 p.m.
link

Hi Guys,
I have got access to the admin page and was wondering if this is the right place to look or if I'm going down a rabbit hole?
Thanks
link

H4d3s
Team 32 posts

Feb. 27, 2019, 3:32 p.m. Feb. 27, 2019, 3:32 p.m.
link

@synx has written:
Hi Guys,
I have got access to the admin page and was wondering if this is the right place to look or if I'm going down a rabbit hole?
Thanks
if it doesnt work , maybe its not intended to work ! :)
link

Bi7A74hm3D
Members 21 posts

March 2, 2019, 3:31 p.m. March 2, 2019, 3:31 p.m.
link

Hi,
Got the admin page access, tried with different reverse shell but no luck.. Can someone please help on this? where exactly need to look.
... Thanks ...
link

Bi7A74hm3D
Members 21 posts

March 2, 2019, 3:59 p.m. March 2, 2019, 3:59 p.m.
link

@Bi7A74hm3D has written:
Hi,
Got the admin page access, tried with different reverse shell but no luck.. Can someone please help on this? where exactly need to look.
... Thanks ...
also when I try to create a some malicious plugin for reverseshell, the same is not getting upload as getting an error :
Unable to create directory wp-content/uploads/2019/03. Is its parent directory writable by the server?
Can someone guide me on this box..
thanks..
link

malex
Members 10 posts

March 3, 2019, 1:16 a.m. March 3, 2019, 1:16 a.m.
link

@H4d3s has written:
@synx has written:
Hi Guys,
I have got access to the admin page and was wondering if this is the right place to look or if I'm going down a rabbit hole?
Thanks
if it doesnt work , maybe its not intended to work ! :)
Yes sure,. Still wondering is it the right attack path? Any hint from here?
link

meni
Members 4 posts

March 3, 2019, 2:30 p.m. March 3, 2019, 2:30 p.m.
link

Guys, if you look for some text files, they might contain interesting things...
link

malex
Members 10 posts

March 5, 2019, 10:47 p.m. March 5, 2019, 10:47 p.m.
link

I can gain reverse shell, from meni hints. But stuck to privilege escalation. Any hints from here? when do enumeration seems nothing suspicious... hmm
Thanks..
link

malex
Members 10 posts

March 5, 2019, 10:47 p.m. March 5, 2019, 10:47 p.m.
link

@synx has written:
Hi Guys,
I have got access to the admin page and was wondering if this is the right place to look or if I'm going down a rabbit hole?
Thanks
Its rabbit hole..
link

javox
Members 2 posts

March 6, 2019, 7:09 a.m. March 6, 2019, 7:09 a.m.
link

hi
any hint in privilege escalation
link

meni
Members 4 posts

March 6, 2019, 3:01 p.m. March 6, 2019, 3:01 p.m.
link

Got to log through it...

4ndr34z likes this.

favorite 1
link

KerShell
Members 12 posts

April 30, 2019, 2:51 a.m. April 30, 2019, 2:51 a.m.
link

Well, I found a .zip file and a note, but I do not know what to do.
link

mynameisroot
Members 10 posts

April 30, 2019, 3:32 a.m. April 30, 2019, 3:32 a.m.
link

There is something in one of the .php files