Voyage
Voyage π Port Discovery & Joomla Analysis π΅οΈ We can see that it uses Joomla: We can check the Joomla version by visiting http://10.82.157.68/administrator/manifests/files/joomla.xml: π΅οΈ...
Voyage π Port Discovery & Joomla Analysis π΅οΈ We can see that it uses Joomla: We can check the Joomla version by visiting http://10.82.157.68/administrator/manifests/files/joomla.xml: π΅οΈ...
Lazyadmin π Enumeration & MD5 Decrypting π΅οΈ I found several URLs: I found several URLs: Username: manager Password (MD5 Hash): 42f749ade7f9e195bf475f37a44cafcb = h...
Extract π I think this is my second hard challenge. It was a good challenge for me. π As usual, I started with an nmap scan: This is the only open port: π‘ I checked the source code while Ferox...
Dav nmap -sS -sV -sC -p- 10.80.153.92 Starting Nmap 7.94SVN ( https://nmap.org ) at 2026-06-22 07:19 UTC Nmap scan report for ip-10-80-153-92.eu-west-1.compute.internal (10.80.153.92) Host is up ...
Chill Hack root@ip-10-81-94-80:~# nmap -sS -sC -sV -p- 10.81.153.240 Starting Nmap 7.94SVN ( https://nmap.org ) at 2026-06-17 04:17 UTC Nmap scan report for ip-10-81-153-240.eu-west-1.compute.inte...
Archangel π» You can see the email points to a domain, so I added it to my hosts file: 10.48.165.142 mafialive.thm π I used this filter to view local files: http://mafialive.thm/test.php?vi...
Sequence π Contact Form XSS π΅οΈ Anyway, letβs explore the website a bit. I found a contact form and tried an XSS payload because it said: Thank you for your feedback! Someone from our team wil...
Mustacchio π XXE Exploitation π΅οΈ I didnβt have many ideas at this point, but I found some XML comments: <?xml version="1.0" encoding="UTF-8"?> <comment> <name>Joe Hamd<...
Include π LFI Analysis π΅οΈ Letβs check the inputs: π» When we update the field, it updates the display accordingly: As you can see, the request goes to an internal server. While exploring th...
Epoch π Analyzing Command Injection π΅οΈ First, I checked the input field: . π» The page executes commands, so I used the && operator to chain a payload: 1700000000 && /bin/bash...