ONSYSTEM: SHELLDREED #1 HANNAH vulnhub writeup

I started by scanning the target machine for any open ports and services running on those ports using the Nmap tool. nmap -p- -A <IP> We have an Apache server running on port 80, let’s gobuster it : gobuster dir --url http://<IP>/ --wordlist=/usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x js,php,txt,html,/ -t 100

Before, using the command sudo netdiscover, scan our local network to find tenderfoot IP.

It is a WordPress machine with an easy level of difficulty. I started by scanning the target machine for any open ports and services running on those ports using the Nmap tool. nmap -p- -A 192.168.1.138 Lets go see the http website, it’s a WordPress Blog. With Wpscan let’s analyze…

I started by scanning the target machine for any open ports and services running on those ports using the Nmap tool. So first, let’s decode the base64 string from http-title. echo "dG9vIGVhc3kgbm8/IFBvdHRlcg=="|base64 -d $>too easy no? Potter Maybe a user… I decided to check the website hosted on port 80…