Web Services

Port 80 and 443, were hosting some sort of gaming forum where there some mentions of a videogame that they were playing foreshadowing to the exploitation of Unreal Tournament 99. Morever I tried to exploit different vulnerabilities that this "DragonFly" CMS is vulnerable to but I was not able to get anyting out of it.

Notice the RCE exploit at the top.

I unfortunately did not have access to the install.php parameter that the exploit was refering to.

I didn't want to get hardstuck on making this exploit work so I just went away and enumerated more.

/phpmyadmin/

VERSION 4.4 was not vulnerable to any public exploits so besides bruteforcing the login portal was not able to do much.