Vulnhub HarryPotter: Aragog write-up!!

nmap open ports
nmap service version detection
gobuster result
metasploit scanner showing wp-file-manager v. 6.0
Reverse shell
db-username and password
backup.sh file
wordpress password hash for wp-admin
john cracked the password hash for wp-admin
hagrid98 user
the final flag

References:

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Abuse for Fun and Profit — Windows Dynamic Data Exchange Protocol:

Vulnhub : Pwned 1 Walkthrough

Privacy Notices Are Meaningless: Here’s How to Make Them Meaningful

Resolving the IT/OT Connection Paradox

Fighting fraud with technology

Walkthrough :zero.webappsecurity.com

I spend 8 weeks on IT security. Here’s my notes.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Vishal

Vishal

More from Medium

CyberDefenders- BSidesJeddah-Part2 using volatility GUI tool

How to Monitor Gitlab Pipelines using Prometheus and Grafana

Specification Networks

Creating a Helm chart to deploy a Flask web-app on the Kubernetes cluster