Attacking Common Applications - Skills Assessment I

Can someone help me with Attacking Common Applications - Skills Assessment I can’t find exploit for web server. I try all the public exploits but no success

It is say that PUT method is allowed but I cant upload the file and I get 404 error
Any one can help me ?

1 Like

Can someone Help me?

Have you solved this question yet? I am also stuck at skill assessment 1

Hi guys, I’m at the same point at skillAss 1, but event skillAss 2 is very hard with no hints. I don’t know what to do

Hi guys, I’m at the point SkillAss I. After enumaration with nmap I know some application, the port and version, I submit answer and it’s right. But I cant get the shell to cat the flag.txt. I try all of vulnerability on ExploitDB. Can anyone give me a hint?

Try to search on vulnerable app for extensions with ffuf or dirbuster and you will find something juice to exploit :slight_smile:

3 Likes

can any push another hint at this as I’m not figuring it out - perhaps I’ve looked at it too long!

I know what the app and version is - but that does not seem to help getting a shell - none of the metasploit modules work.
gobuster showed me the ‘/assets’ subdirectory which I do not have permission to access so i cant go further there (I assume thats what @Gocka was refering to)
I know there is a jenkins login page but default credentials do not work

Where should i be looking? I’m stuck…

Text me, I will support you

2 Likes

I eventually got the flag. The solution is direct vulnerability of the app. I highlight you need to do a little background reading into how the vulnerability works so that you can properly set up metasploit

hi im stuck in this for few days, i try to brute force jenkins,and fuzz tomcat but i cant find much can u give any hint

Researching “cgi tomcat” exploit, and read more about that

1 Like

tnx, i know about the cgi but i cant find the file

Hi All,

Out of ideas at the moment and could do with a fresh perspective if someone could help provide some additional pointers.

  • I’ve identified the vulnerable app and can confirm it’s vulnerable to G****t but I can only read one file w.**l which has no additional configurations.
  • I’ve ffuf the vulnerable app port but can’t seem to find anything which would relate to the “tomcat cgi” exploit mentioned above. I did however find b****.**l. Is this the file?

Any pointers of what direction I should be looking at next would be most helpful

Thanks,
S