On the next screen enter a suitable Username and a suitable Password, then click OK.
After clicking OK, you will be asked to enter your Username and Password into the login box. Here you need to select your language and then click OK. Your default browser will now open the URL which is the Abyss Web Server console. Click Yes.
Another box will tell you a configuration file was created. Click "Install as a Windows Service" and then click OK.
A box will tell you the service is installed.
A box will ask you if you want to start Abyss now. When Abyss has installed, you will be asked how Abyss should be started. The default of C:\Program Files\Abyss Web Server is recommended. Make sure all the tick boxes are checked and then click Next.
Choose an install location. It does identify that POST to / returns something, but it looks like the same response as GET, which I’ll confirm with curl:
10.10.10.62 - "GET /0xdf.dtd HTTP/1.0" 200 -
10.10.10.
Start the installation file and follow the steps through until it installs leaving all options at their defaults. The HTTP response looks different from the feroxbuster -u -m GET,POST,PUT,DELETE -C 404,405 Perhaps it now just points at the same port 80 page. Looking at my notes from 2018, this is where PFSense used to be, but the changelog reported that it was no longer present. I could come back to this if I get stuck elsewhere. Given that this is an instance of real software, I’m going to hold off on the directory brute force for now. PhpMyAdmin is written in PHP, and the login POST is sent to index.php. Nothing here different from TCP 4 - NGINX and not much else. Trying to guess some basic passwords like admin / admin returns errors about failing to connect to MySQL: PhpMyAdmin is a web interface to administer MySQL instances. The response headers show the same NGINX headers as port feroxbuster -u -x asp,aspx This is a hint as to the Windows VMs I’ll encounter later.
Visiting this webserver returns a Microsoft ASP.NET error message: Don’t see much else I can do with this at this point. Still, no matter what kind of file I attach, the same error message comes back. home.php has a form that POSTs to /upload. Visiting /upload.php returns an error message: ? Press to use the Scan Management Menu™ ? Wordlist │ /usr/share/seclists/Discovery/Web-Content/raft-medium-directories.txt I’ll also try a parameter brute force on page to see if there’s something feroxbuster -u -x php Giving it page=, hoping it might try to load test.php from my server, fails as well. I’ll play around with trying to get it to include other pages, but nothing seems to change. The link leads to /index.php?page=home, which loads the same page. My notes from 2018 show OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux protocol 2.0), which would be Ubuntu 16.04 xenial.
All five webservers are running the same version of NGINX. This Changelog is on the HTB page for Fulcrum: This box was getting a bunch of bad reviews due to stability, and the team recently rebuilt it to have all the same vectors, but on a bit more modern technology, which is why the OS is newer than the box.
Nmap done: 1 IP address (1 host up) scanned in 51.67 seconds
Based on the OpenSSH version, the host is likely running Ubuntu 20.04 focal, which is very strange for a box released in November 2017.
Service Info: OS: Linux CPE: cpe:/o:linux:linux_kernel
|_http-title: Site doesn't have a title (application/json charset=utf-8).
|_http-title: Site doesn't have a title (text/html charset=UTF-8).
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.1 (Ubuntu Linux protocol 2.0)
56423/tcp open http nginx 1.18.0 (Ubuntu)
Warning: 10.10.10.62 giving up on port because retransmission cap hit (10).