Published onSeptember 23, 2023HTB NinevehLFIRFIKnockchkrootkitOne way to gain foothold was bruteforce on an admin account, or /department/login.php. Then, we get remote PHP code injection on phpLiteAdmin v1.9, which results in LFI to shell. For root, we use nmap to exploit knock / port knocking.
Published onJuly 23, 2023HTB TartarSauceWordPressRFItarWordPress discovered on the initial endpoint, RFI is exploited, into tar privesc to root.