This article details a comprehensive Red Team operation on TryHackMe’s Daily Bugle room, involving Joomla web exploitation, SQL injection, and privilege escalation on a Red Hat Linux system. It emphasizes the techniques used for reconnaissance, exploiting vulnerabilities, gaining shell access, and capturing flags. #Joomla #SQLInjection
Key points
- The attack begins with port scanning to identify open services, including an HTTP web server and a MySQL database.
- Enumeration revealed Joomla 3.7.0 and multiple vulnerable paths, including the administrator panel.
- A known SQL injection vulnerability was exploited using sqlmap to enumerate databases and extract data.
- The attacker used a Joomla exploit to obtain credential hashes and cracked the password for admin access.
- Privilege escalation was achieved via GTFOBins by exploiting passwordless sudo permissions, leading to root access and flag retrieval.