eLection1 - OffSec

Download OffSec VPN

Connect to the OffSec VPN from the Kali terminal

After the VPN is connected, ping the OffSec machine IP to check connectivity

Now start the Nmap Scan

nmap 192.168.164.211 -sC -sV -vv -oN nmap/eLection01.txt -Pn

nmap 192.168.164.211 -A -oN nmap/eLection01.txt

-A - Enables OS detection, version detection, script scanning, and traceroute

Now try Gobuster

gobuster dir -u http://192.168.164.211 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt

Navigate to each of the directories above and try to identify credentials

The /javascript directory doesn't appear to contain anything interesting, so try the other directories.

The /election directory doesn't appear to contain anything interesting, so I decided to enumerate more.

Try the phpMyAdmin default credentials

The /phpMyAdmin directory doesn't appear to contain anything interesting and the default credentials do not work, so enumerate more.

In parallel, try feroxbuster

feroxbuster -u http://192.168.164.211/ -x pdf -x js,html -x php txt json,docx

The same directories appear in the feroxbuster scan, so enumerate more.

Run Gobuster again, this time inside the /election directory

gobuster dir -u http://192.168.164.211/election -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x php,txt

We identified the directories below; try navigating to each of them

http://192.168.164.211/election/themes
http://192.168.164.211/election/data
http://192.168.164.211/election/admin
http://192.168.164.211/election/lib
http://192.168.164.211/election/languages
http://192.168.164.211/election/index.php

Card.php returned some data, which we will look up with a Google search

Now try using Burp Suite
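How the directory enumeration above looks from the web server's side, as an added example that is not part of the original walkthrough: a wordlist scan shows up in the access log as a burst of 404 responses for many distinct paths from one client, often with the tool's own User-Agent. The log lines, client addresses, thresholds and the `gobuster/` and `feroxbuster/` User-Agent prefixes are assumptions made for illustration.

```python
import re
from collections import defaultdict

def _line(ip, path, status, ua):
    # Constructed Apache combined-format entry (sample data, not from the page).
    return f'{ip} - - [10/Mar/2024:10:00:00 +0000] "GET {path} HTTP/1.1" {status} 275 "-" "{ua}"'

SAMPLE_LOG = "\n".join(
    [_line("192.168.45.5", f"/{w}", 404, "gobuster/3.6") for w in ("images", "backup", "test", "old", "cgi")]
    + [_line("192.168.45.5", "/election", 301, "gobuster/3.6")]
    + [_line("192.168.45.9", f"/{w}.php", 404, "Mozilla/5.0") for w in ("a", "b", "c", "d", "e")]
    + [_line("10.0.0.8", p, 200, "Mozilla/5.0") for p in ("/", "/election/", "/election/index.php")]
)

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
SCANNER_UA = re.compile(r"^(gobuster|feroxbuster)/", re.I)  # assumed default UA prefixes

def find_enumeration(log_text, min_requests=5, min_404_ratio=0.7):
    """Return {client_ip: finding} for clients whose requests look like a wordlist scan."""
    stats = defaultdict(lambda: {"total": 0, "not_found": 0, "paths": set(), "scanner_ua": False})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that are not in combined log format
        s = stats[m["ip"]]
        s["total"] += 1
        s["paths"].add(m["path"])
        s["not_found"] += m["status"] == "404"
        s["scanner_ua"] |= bool(SCANNER_UA.match(m["ua"]))
    findings = {}
    for ip, s in stats.items():
        ratio = s["not_found"] / s["total"]
        # The User-Agent is client-supplied, so the 404 ratio is the primary signal.
        noisy = (s["total"] >= min_requests and ratio >= min_404_ratio
                 and len(s["paths"]) >= min_requests)
        if noisy or s["scanner_ua"]:
            findings[ip] = {"requests": s["total"], "ratio_404": round(ratio, 2),
                            "scanner_ua": s["scanner_ua"]}
    return findings

if __name__ == "__main__":
    for ip, finding in find_enumeration(SAMPLE_LOG).items():
        print(ip, finding)
```

On a real server the thresholds need tuning against normal traffic and should be applied per time window rather than over the whole log.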
