- Using a common wordlist for discovering content, enumerate http://MACHINE_IP to find the location of the administrator dashboard. What is the name of the folder?
ANS: admin
EXPLANATION:
Step 1: Start Attachbox as well as the Machine, Open the terminal, and type dirb http://MACHINE_IP /usr/share/dirb/wordlists/common.txt
e.g: dirb http://10.10.205.230 /usr/share/dirb/wordlists/common.txt
Through enumeration, we able to find the administrator's location
2. In your web browser, try some default credentials on the newly discovered login form for the “administrator” user. What is the password?
ANS: administrator
EXPLANATION:
Step 1: We know the username is administrator, Let`s just guess that the default username is the same as the default password ( This Method is more to Try and Error)
3. Access the admin panel. What is the value of the flag?
ANS: THM{ADM1N_AC3SS}
EXPLANATION:
Step 1: Once we are able to login to the Admin Panel, we are able to see the Flag.
*****************THANK YOU****KEEP LEARNING ******************
HOPE YOU GUYS, THIS WALKTHROUGH MIGHT HELP YOU,IF SO LIKE THE PAGE WILL BE MUCH APPRECIATED AND FOLLOW MY PROFILE FOR MORE WRITE-UPS
*******PEACE*****