Hi there.
I cant get solved the last question "create shell and read flag.txt from home/erika. Can someone help me? I tried reverse shell on 404 and denied on erika account, msfconsole also uploading the shell. I can only access the http://blog.inlanefreight.local/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd
and tried to change to …path=/home/erika/flag.txt but error comes out.
Regards and thank you in advance,
1 Like
Solved. Hint: change code without active theme.
Hi
I am stuck in “Obtain a shell on the system and submit the contents of the flag in the /home/erika directory”
how to go ahead in this. Can you please help?
Hi. Sure. Did you manage the reverse shell?
I couldn’t obtain reverse shell.
I am trying to get admin credentials by running password wordlists. Once I get admin credentials, I can plant reverse shell.
Am I on the right track?
Yes 
as I said previously:
and I would add: then, change to the theme where you put your reverse shell (I suppose on 404.php)
I was stuck at the very first question until I read your post. As a result, I completed this assessment and have now officially finished all CBBH modules. Thanks for the hint in your post!
Hi,
Can you help me with what tool and wordlist did you use to find the admin password?
1 Like
Check your DMs.