Room Link: https://tryhackme.com/room/agenttarrow-up-right
Kali
nmap -A $VICTIM
No other ports found.
Dirb wasn't working so I went to the url and it brought me to the admin page, but nothing actually worked.
In the burp request we can see it is powered by PHP/8.1.0-dev which has a rce exploit.
Last updated 1 year ago
nmap -sV -sT -O -p 1-65535 $VICTIM
git clone https://github.com/flast101/php-8.1.0-dev-backdoor-rce.git cd php-8.1.0-dev-backdoor-rce/ python backdoor_php_8.1.0-dev.py
