Getting Started - Public Exploits - Slightly stuck

Okay, I’m at the point where I found a possibly correct exploit to use BUT I have no clue HOW to use it.

In the file, it states that I need to go to ““WP-path”” but I’m drawing a blank as to where exactly that is. I’m near to getting the flag but this simple path confusion has me all frustrated.

Hopefully I haven’t spoiled anything.

The question I need answered (or guidance :blush:) here is where is the wp path?

Here is the example I was given to use:
(http://127.0.0.1/WP-path/wp-admin/tools.php?page=…)

There is more after that but I don’t want to spoil too much.

Hey!

Try exploring the MSF route if you still can’t figure it out. That should get you there.

Although, you don’t need MSF, you can definitely get it manually using the exploit you have found. Feel free to DM if you want help. The File Inclusion/Directory Traversal module would definitely help you out.

-onthesauce

1 Like

Thank you, that worked out perfectly. I had used MSF before but I didn’t enter the correct search term, thereby, I ended up using the incorrect exploit. Once I figured out the right way to put it, I got the flag almost immediately. Again, thank you so much.