Zenphoto 🔸

Enumeration

The webpage is under construction.

We find a test folder with feroxbuster.

And the robots.txt.

The test root is the gallery.

And we have admin access.

If we look at the source code, we get the version.

Initial Access

Fixing the PHP script.

Get the flag.

Privilege Escalation

Get a more stable shell with Python.

Transfer linpeas.

Using the RDS one:

https://www.exploit-db.com/exploits/15285

Post Exploitation