Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
wpscan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]
First, we will be checking for open ports. I will be using rustscan here (because it's fast, and it's basically the Rust implementation of nmap), but you are free to choose whatever port scanner you like.
My go-to tool for Linux privilege escalation is LinPEAS. LinPEAS provides suggestions on how you could escalate your privileges to root.
@secnigma has actually written a PoC (proof-of-concept) for this. Let's copy the contents, and paste it on the server using vim.
So the website is using Wordpress. Having said that, we are going to use WPScan. But before that, make sure that you have already acquired your API token before using WPScan or you will never be able to utilize the scanner. You can get your own API token by signing up on their website.