search

Bolt

image

hashtag
🔗 Link

Boltarrow-up-right

hashtag
Penetration Testing Methodology

Reconnaissance

  • nmap

Exploitation

  • metasploit (bolt cms)

Capturing the flag

  • flag.txt

hashtag
Walkthrough

image

From the nmap scanning. I found that 3 port open. Which is

  • 22 (ssh)

  • 80 (http)

  • 8000

I browse the given IP address.

image

Scroll this page you will get username and password.

image
image

But, with this credentials, I still can't access SSH.

So, we find information about this CMS and it's vulnerability. Maybe we can exploit it.

image

Bolt CMS Version.

Exploitarrow-up-right that I found.

image

Fire up Metasploit (msfconsole).

image

show options and set.

image
image

Yesss, root already. Find your flag and grab it :)

image

CONGRATULATIONS!!

This was a fun machine. Very basic yet fun to root. Good for beginner.

Thank you for reading. :)

By AdaniKamal

PreviousWonderlandNextCC-Pen Testing

Last updated