🎫
UT99
  • UT99
    • Summary
  • Enumeration
    • TCP
    • UDP
    • Web Services
      • Dirsearch
    • Other Services
      • FTP
      • IRC
  • Exploitation
  • Privilege Escalation
Powered by GitBook
On this page
  1. Enumeration

Web Services

PreviousUDPNextDirsearch

Last updated 2 years ago

Port 80 and 443, were hosting some sort of gaming forum where there some mentions of a videogame that they were playing foreshadowing to the exploitation of Unreal Tournament 99. Morever I tried to exploit different vulnerabilities that this "DragonFly" CMS is vulnerable to but I was not able to get anyting out of it.

Notice the RCE exploit at the top.

I unfortunately did not have access to the install.php parameter that the exploit was refering to.

I didn't want to get hardstuck on making this exploit work so I just went away and enumerated more.

/phpmyadmin/

VERSION 4.4 was not vulnerable to any public exploits so besides bruteforcing the login portal was not able to do much.