Let’s start this awesome adventure!
You can start there > TEST LAB 14
We have 2 entry points addresses :
As always let’s start with a nmap scan.
Let’s start with port 80, when we visit the webpage we get this error :
Why is happening this ?
Because of webserver virtual hosts.
vitrual hosts -> allows you to run more than one website on a single machine.
When we browse a machine using a domain name for example
test.vulnhub the webserver will direct you to the content based on the host header. If we don’t do this and browse the machine with raw IP address, that header won’t be set properly and you’ll get a default page or error page.
We need to add this hostname into
/etc/hosts -> translate hostnames to IP addresses
For windows users u can find it there ->
We can aso use hosts file because it’s easier to remember the hostname/domain than the IP address.
Let’s add it.
Now we can see a wordpress site!
Let’s search for possible exploits.
Let’s test it out.
Gives us an error message hmm.. we can bypass that using
// double slash.
That is an error probably in the developer’s code.
In the end we can see this
token_hrTY9s4Cv, we got it!
Site Token ->
See you, in the next step!