Bolt
Scanning
Lets run some nmap scans to find open ports and services
Enumeration
Lets visit the website running on port 8000
Looks like CMS bolt is running on this port. We also have the username Bolt. Looking through the site, we can also see another username and a password
We usually find the login page of Bolt CMS pages in the /bolt page, so lets check it out.
Lets login with the credentials we found
Looking at the bottom corner of the page, we see the Bolt version running on the machine.
Exploitation
Lets now go to Exploit-db and look for exploits on this version
We have one, lets look at it
Now lets open Metasploit and look for this exploit, then lets set the options.
Now lets set the last options and run the exploit and get the flag
We have the flag.
Last updated