Stuck on "Ultimatum" Machine: Need Help Identifying CVE Exploited by Attacker

carter.kim · June 19, 2024, 2:00pm

Hello everyone,

I’m currently working on the “Ultimatum” machine and I’m stuck at identifying the CVE that was exploited by the attacker. The logs show multiple requests targeting xmlrpc.php and other WordPress files, which suggests an XML-RPC vulnerability.

Given these observations, I believe it might be related to an XML-RPC vulnerability, but I’m not sure if I’m on the right track. Could someone please help me identify the correct CVE or guide me on what I might be missing?

Thanks in advance for your assistance!

joher · June 19, 2024, 3:21pm

xmlrpc.php was used for different thing. check the victim module which was used to create a user. there are not to many CVEs for it

Topic		Replies	Views
Attacking WordPress Users Challenges	2	671	March 2, 2022
Some questions about Shield Machines meterpreter , juicy-potato , shield-starting-poin	1	888	September 19, 2021
Possible unauthorized access to virtual machines Site Feedback academy	6	434	June 18, 2024
Skill Assestment - Injection Attacks Academy	23	976	August 9, 2024
How to identify an XXE vulnerability in a webserver? Exploits xxe	0	589	April 16, 2020

Stuck on "Ultimatum" Machine: Need Help Identifying CVE Exploited by Attacker

Related topics