Published on

0xL4ughctf 2024 - Wordpress 3

Authors
  • avatar
    Name
    Lumy
    Twitter

Wordpress 3

Q1. Mention the names of the tools that the attacker used in the attack. (alphapitical order)

Q2. There was a vulnerable plugin that the attacker exploited. What is the C2 server of the attacker, and what is the name of the plugin?

Q3. What is the version of the vulnerable plugin, and what is the CVE number associated with that plugin?

Flag Format OxL4ugh{A1_A2_A3}

Example: 0xL4ugh{tool1_tool2_C2_PluginName_1.2.3_CVE-}

Table of Contents

  1. Source
  2. Solution

Source

The challenge gives us a pcap file : Wordpress.pcapng

Solution

Tools used by the attacker :

wpscan sqlmap

Vulnerable plugin and attacker IP :

canto

Getting the CVE by google dorking : intext:wp_abspath CVE

Flag : 0xL4ugh{sqlmap_WPScan_172.26.211.155_canto_3.0.4_CVE-2023–3452}