We use gobuster or dirbuster to find hidden directories.
gobuster dir -u http://10.10.10.10 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
Findings:
The cybersecurity landscape is vast and complex, with new vulnerabilities and attack vectors emerging regularly. Resources like HackTricks play a crucial role in the learning and professional development of cybersecurity practitioners. Here’s how you can make the most out of such resources: hacktricks 179
If you have a more specific question or need information on a particular topic related to HackTricks 179, please provide more details, and I'll do my best to assist you.
We have a username (root) and a password. We know SSH is open, but the root user usually cannot SSH in with a password by default. However, we saw a /phpmyadmin page, but more importantly, this is a WordPress site. We use gobuster or dirbuster to find hidden directories
Let's try the credentials against the WordPress users. Looking at the blog posts on the site, we find an author profile named notch.
Testing SSH:
Since notch is a user on the system, let's try the found password for this user via SSH. Findings: The cybersecurity landscape is vast and complex,
ssh notch@10.10.10.10
Password: 8YsqfCTnvxAUeduzjNSe22
Result: Success! We are logged in as notch.