Default/Weak Password in Custom CMS

Step 1: Go to the URL to access the lab (The URL may be different for each user). http://13.127.128.105/Default-Weak-Passwords/Default-Weak-Password-in-Custom-CMS-Variant-1/

Step 2: Use Bulla's credentials which you have used in the previous exercise. Username: bulla Password: bulla@123

Step 3: Click on the 'Login' button.

Step 4: Upload any previously used PHP or HTML file and upload it.

Step 5: Copy the given path to access the uploaded file. (This will appear on the page itself after you upload the file. It will differ for everybody.) http://[ip]/static/uploads/Default-Weak-Passwords-V3/yourfilename.html/php

Step 6: Now paste this path in the URL of the page, like this: http://13.127.128.105/static/uploads/Default-Weak-Passwords-V3/yourfilename.html/php

PreviousHow to guess password for a standard login page NextFingerprinting Components with Known Vulnerabilities

Last updated 1 year ago