Notes

Synopsis/summary;

Tools / Blogs used;

Links to Resources.

Information Gathering

Services

• Nmap scan results

Web

• Directory Discovery (ffuf, gobuster, etc.)

Port #1: Service - Version

For web app and/or server

Port #2: Service - Version

Vulnerability Identification

Confirm that a service is vulnerable

Exploitation

Service Exploited: PHP HTML Parser Vulnerability Type: RCE by execution of the shell_exec PHP function Exploit PoC: phpbash: https://github.com/Arrexel/phpbash

Discovery of Vulnerability

The HTML Parser on admin.php executes any supplied PHP code.