The exercise: Try to identify the services running on the server above, and then try to search to find public exploits to exploit them. Once you do, try to get the content of the ‘/flag.txt’ file. (note: the web server may take a few seconds to start). I have done everything as the theory says but when I run the exploit I get a connectivity error. I have already configured RHOSTS AND LHOST, I have also tried changing the PORT instead of the default port (80) to 445 and nothing works. I am using the following exploit: multi/http/apache_apisix_api_default_token_rce).
If anyone helps me I would greatly appreciate it.
Thank you.
From other, threads we are supposed to exploit: " Simple Backup Plugin"