Write Up - Hidden CMS Breach
Lab Explanation: A web server sits quietly in the corner of the network, but something tells you there's more than meets the eye. 🌐 The homepage reveals little, yet beneath the surface lies a complete application waiting to be discovered. Through careful enumeration and exploitation, can you turn a simple web server into full system access? Sometimes the best secrets are the ones hiding in plain sight. 🔓
Lab Link: Hidden CMS Breach | flags | HackerDNA
- Browsed to site to view webpage

- Nothing was found in Dev Tools (F12)
- We now know the location of the two flags
- /home/flag_user.txt
- /root/flag_root.txt
- Run NMAP against the target
- Results:

- User CURL on Robots.TXT
- Browsed to /new_website? page and found additional CMS Page
- Adjusted URL to include /Admin and I found a login page
