JIS-CTF: VulnUpload

[ vulnhub  ctf  walkthrough  ]

Goal

Find 5 flags

Download

https://www.vulnhub.com/entry/jis-ctf-vulnupload,228/

Walkthrough

nmap

dirb

login form

robots.txt reveals additional files/directories

flag 1 found @ flag

flag 2 found in fake admin area source

use credentials found in flag 2 to log in; file upload area revealed

able to upload reverse shell PHP file

accessing the uploaded PHP file under the uploaded_files folder gives a limited-access shell

flag 3 found in hint.txt

flag 4 found in txt file buried in mysql directory

flag 5 found in flag.txt after using credentials to ssh as technawi
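
A detection-side view of the upload steps above, as an added example that is not part of the original walkthrough: it scans Apache-style access log lines for successful requests to script files served from the uploaded_files folder. The log format, the sample lines, the file names and the /upload.php path are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Extensions that PHP-enabled web servers commonly pass to the interpreter.
SCRIPT_EXT = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "pht"}
UPLOAD_DIR = "/uploaded_files/"  # directory name taken from the walkthrough

# Apache common/combined format: ip ident user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

def script_segment(path):
    """Return the first path segment below UPLOAD_DIR whose name contains a
    script extension anywhere (x.php, x.PHP, x.php.jpg, x.php/extra), else None."""
    lowered = path.lower()
    idx = lowered.find(UPLOAD_DIR)
    if idx < 0:
        return None
    for segment in lowered[idx + len(UPLOAD_DIR):].split("/"):
        if any(ext in SCRIPT_EXT for ext in segment.split(".")[1:]):
            return segment
    return None

def find_upload_execution(lines):
    """Return one finding per successful (2xx) request for a script in UPLOAD_DIR."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a request line we can parse
        # Drop the query string, then decode percent-encoding twice (double encoding).
        path = unquote(unquote(m["target"].split("?", 1)[0]))
        segment = script_segment(path)
        if segment and m["status"].startswith("2"):
            findings.append({"ip": m["ip"], "time": m["ts"], "file": segment})
    return findings

# Constructed sample lines; /upload.php and the file names are hypothetical.
SAMPLE_LOG = [
    '10.0.0.5 - - [08/Jun/2018:10:01:02 +0000] "POST /upload.php HTTP/1.1" 200 512 "-" "curl/7.58"',
    '10.0.0.5 - - [08/Jun/2018:10:01:09 +0000] "GET /uploaded_files/report.php HTTP/1.1" 200 0 "-" "curl/7.58"',
    '10.0.0.9 - - [08/Jun/2018:10:02:00 +0000] "GET /uploaded_files/photo.jpg HTTP/1.1" 200 20480 "-" "Mozilla/5.0"',
    '10.0.0.7 - - [08/Jun/2018:10:03:00 +0000] "GET /uploaded_files/a%2EpHp.jpg?x=1 HTTP/1.1" 200 12 "-" "Mozilla/5.0"',
    '10.0.0.8 - - [08/Jun/2018:10:04:00 +0000] "GET /uploaded_files/old.php HTTP/1.1" 404 196 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in find_upload_execution(SAMPLE_LOG):
        print(finding)
```

A 2xx response for a script under an upload directory means the server both stored and served an interpreter-handled file there, which is the condition to alert on and to remove by disabling script handling for that directory.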

Written on June 8, 2018