ColdFusion 8

Hack the Box (HTB) machines walkthrough series — Arctic - Infosec Resources
Infosec Resources
There's a directory traversal vuln.
Adobe ColdFusion - Directory Traversal
Exploit Database
Once you get the hash, crack it with crackstation, bypass the traffic with burp to login.
​
to get a rev shell, schedule a task (go to mapping to get a path), and post jsp rev shell. 
If the directory listing is disabled, do curl to execute the rev shell.
​
​
​
Webmin
Wordpress
Last modified 1yr ago