THM Internal
THM Internal This was an amazing challenge! I learned a few new tricks to thought about documenting it here real quick It all started with a WordPress site.... Easy bruteforce with wpscan wpscan --url http://10.10.40.183/wordpress/ -U wp_users.txt -P /usr/share/wordlists/rockyou.txt Lucky weeee. We got the admin password. First thing to do is insert a reverse shell... » read more