Kryptos2577 Posted November 7, 2019 Share Posted November 7, 2019 Hi guys, I am new to this forum and after looking around nearly everywhere, I am unable to find an answer to this question and hoped you could help. After scanning a website with nkito, the result showed that it was vulnerable to the sips vulnerability and that I could login as admin without knowing the password. However, after inputting the information in the url, I was simply redirected to the login page which also contains a captcha. Is there anyway I can still exploit the vulnerability such as using Metasploit?? Please help Quote Link to comment Share on other sites More sharing options...
Rkiver Posted November 7, 2019 Share Posted November 7, 2019 And which website would that be? Quote Link to comment Share on other sites More sharing options...
Kryptos2577 Posted November 10, 2019 Author Share Posted November 10, 2019 Its on a ctf game I am trying to do rn. To do it, I have to hack the login but nikto shows very few vulnerabilities Quote Link to comment Share on other sites More sharing options...
Licnex Posted April 30, 2023 Share Posted April 30, 2023 Yeah same here,a friend of mine gave me a more complex version of DVWA to test my skills. I ran Nikto on it and found a vulnerability identified as "OSVDB-44056". I'm not too sure what it means(only that it is related to sips v0.22), but I tried checking for it in Metasploit and didn't find anything. Quote Link to comment Share on other sites More sharing options...
Irukandji Posted April 30, 2023 Share Posted April 30, 2023 This topic is 3 years old.. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.