Compromising a Joomla CMS Account and Privilege Escalation Walkthrough
Tags
| attack-pattern: | Exploits - T1587.004 Exploits - T1588.005 Python - T1059.006 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Sudo - T1169 |
Common Information
| Type | Value |
|---|---|
| UUID | adb4d356-7a9c-4cb5-8215-fc12e8fdb2fd |
| Fingerprint | ba1642140f51e6e3 |
| Analysis status | DONE |
| Considered CTI value | -2 |
| Text language | |
| Published | Oct. 27, 2024, 10:33 a.m. |
| Added to db | Oct. 27, 2024, 11:50 a.m. |
| Last updated | Nov. 17, 2024, 9:42 p.m. |
| Headline | Compromising a Joomla CMS Account and Privilege Escalation Walkthrough |
| Title | Compromising a Joomla CMS Account and Privilege Escalation Walkthrough |
| Detected Hints/Tags/Attributes | 29/1/21 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | joomblah.py |
|
| Details | Domain | 303 | tryhackme.com |
|
| Details | Domain | 14 | hashes.com |
|
| Details | 1 | jonah@tryhackme.com |
||
| Details | File | 1 | initial.txt |
|
| Details | File | 1 | thorough.txt |
|
| Details | File | 2 | joomblah.py |
|
| Details | File | 258 | robots.txt |
|
| Details | File | 1205 | index.php |
|
| Details | File | 10 | configuration.php |
|
| Details | File | 255 | user.txt |
|
| Details | File | 1 | y.py |
|
| Details | File | 2 | yum.pl |
|
| Details | File | 26 | os.exe |
|
| Details | File | 205 | root.txt |
|
| Details | md5 | 1 | eec3d53292b1821868266858d7fa6f79 |
|
| Details | IPv4 | 1 | 10.10.67.3 |
|
| Details | IPv4 | 1 | 10.10.4.44 |
|
| Details | IPv4 | 1 | 10.17.14.162 |
|
| Details | Url | 1 | http://10.10.67.3:80 |
|
| Details | Url | 1 | http://10.10.4.44/administrator/index.php |