Throughout this exercise, we performed the following critical steps:
- We started by conducting an Nmap scan on the target IP address, which is 192.168.174.132.
- The Nmap scan revealed that port 80 at 192.168.174.132 is open.
- Next, we did a fingerprint of the application running on port 80 and encountered Apache 2.4.7 running.
- We tried browsing to the HTTP port. However, we couldn't find anything.
- We ran the dir_scanner module to perform a dictionary-based check on the Apache server and found the PhpCollab application directory.
- We found an exploit module for PhpCollab using searchsploit and had to import the third-party exploit into Metasploit.
- Next, we exploited the application and gained limited user access to the target ...