Embedded Files
Nmap Scan Result
I couldn't move forward after several attempt of enumeration. Then I decided to use rockyou as my directory bruteforce wordlist and found an hit. a page spelt "retaurante", Spanish I suppose. The site was running drupal 7 though.
I checked Metasploit for a possible exploit, tried a few and found one that works. I was able to get a meterpreter session after running the exploit.
There was a user1 on the device, switched user using password "user1". I ran Linpeas.sh and found a belonging to root that is readable by me conataing root password.
Page updated
Google Sites
Report abuse