eJPT - 1.4 CTF Vulnerability Assessment
HmadTable of contents
Question 1
Explore hidden directories for version control artefacts that might reveal valuable information
We can run an Nmap scan on the target to look at the hidden directories. You should find a git repository have a look at that on the target domain.
nmap -sV -sC (target ip)
Question 2
The data storage has some loose security measures. Can you find the flag hidden within it?
Looking at the robots.txt file, we can see that there is phpmyadmin page which is accessible. Once in, look through the databases and specifically the MySQL one.
Question 3
A PHP file that displays server information might be worth examining. What could be hidden in plain sight?
We can perform another Nmap scan on the target using the script http-enum. From this we can see that there is another PHP file called phpinfo.php.
Question 4
Sensitive directories might hold critical information. Search through carefully for hidden gems.
From our look at the robots.txt file. We can see that there is /passwords directory.
That’s it for this section. Next one up is the auditing fundamentals section.
— Hmad
Subscribe to my newsletter
Read articles from Hmad directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
Hmad
Hmad
I'm a cybersecurity enthusiast with a growing focus on offensive security. Currently studying for the eJPT & ICCA, building hands-on projects like Infiltr8, and sharing everything I learn through blog posts and labs.