[HTB] teacher
Attacking Vector http->code injection->web reverse shell -> priv esc Decision Tree 1)discovery : which ports are opened?– only 80 port is opened 2)enumerate : third party web platform?– use gobuster to check directory structure– check the website, does it use open source platform? any known vulnerabilities? – are those files really images? or have weird…