Laravel Admin Exploit | HackTheBox Usage Writeup
Tags
attack-pattern: Data Credentials - T1589.001 Server - T1583.004 Server - T1584.004 Ssh - T1021.004 Web Service - T1481 Web Shell - T1505.003 Tool - T1588.002 Vulnerabilities - T1588.006 Sudo - T1169 Web Shell - T1100 Web Service - T1102
Show in Graph
Common Information
Type Value
UUID 634f1751-3cd6-4d1b-923e-03ca17386378
Fingerprint be831d13af0737a9
Analysis status DONE
Considered CTI value -2
Text language
Published Sept. 23, 2024, 6:06 p.m.
Added to db Sept. 23, 2024, 8:27 p.m.
Last updated Nov. 17, 2024, 9:42 p.m.
Headline Laravel Admin Exploit | HackTheBox Usage Writeup
Title Laravel Admin Exploit | HackTheBox Usage Writeup
Detected Hints/Tags/Attributes 51/1/14
Source URLs
Redirection Url
Details Source https://motasemhamdan.medium.com/laravel-admin-exploit-hackthebox-usage-writeup-181ec9508133?source=rss------cybersecurity-5
URL Provider
Details Provider Source level domain
Details medium.com motasemhamdan.medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 2 
cve-2023-24249
Details Domain 27 
script.sh
Details File 59 
common.txt
Details File 1205 
index.php
Details File 52 
hash.txt
Details File 224 
rockyou.txt
Details File 25 
php-reverse-shell.php
Details File 2 
php.jpg
Details File 71 
shell.php
Details Url 1 
http://10.10.10.x
Details Url 1 
http://10.10.10.x/upload
Details Url 1 
http://10.10.10.x/uploads/filename
Details Url 1 
http://10.10.10.x/uploads/shell.php.jpg
Details Url 1 
http://10.10.10.x/uploads/shell.php.jpg?cmd=nc