1. Enumeration:
- Nmap scan:
Web Enumeration:
-
PORT 80:
-
PORT 8080:
tomcat is running and this is its initial page
getting to port 80:
The url looks very suspicious because it including the statement file in a lfi way
local file inclusion:
view-source:http://10.10.10.194/news.php?file=../../../../../../../../../etc/passwd
As I found LFI vulnerability then my next step is to find a way by which we can perform Remote Code execution on target machine through which we can open a shell on our PC to access the machine.