Kryptos2577 Posted November 7, 2019 Share Posted November 7, 2019 Hi guys, I am new to this forum and after looking around nearly everywhere, I am unable to find an answer to this question and hoped you could help. After scanning a website with nkito, the result showed that it was vulnerable to the sips vulnerability and that I could login as admin without knowing the password. However, after inputting the information in the url, I was simply redirected to the login page which also contains a captcha. Is there anyway I can still exploit the vulnerability such as using Metasploit?? Please help Link to comment Share on other sites More sharing options...
Rkiver Posted November 7, 2019 Share Posted November 7, 2019 And which website would that be? Link to comment Share on other sites More sharing options...
Kryptos2577 Posted November 10, 2019 Author Share Posted November 10, 2019 Its on a ctf game I am trying to do rn. To do it, I have to hack the login but nikto shows very few vulnerabilities Link to comment Share on other sites More sharing options...
Licnex Posted April 30, 2023 Share Posted April 30, 2023 Yeah same here,a friend of mine gave me a more complex version of DVWA to test my skills. I ran Nikto on it and found a vulnerability identified as "OSVDB-44056". I'm not too sure what it means(only that it is related to sips v0.22), but I tried checking for it in Metasploit and didn't find anything. Link to comment Share on other sites More sharing options...
Irukandji Posted April 30, 2023 Share Posted April 30, 2023 This topic is 3 years old.. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.