Last time when I tried HackTheBox CTF I found that one of the machines has Monstra CMS installed. Because I found that few bugs are already publicly disclosed for that CMS[1,2,3] I decided that it will be a good idea to do another "quick autopsy"... Here we go.
I found Monstra CMS here:
To install this CMS I used Ubuntu 14 and VirtualBox. (As far as I know you should enable mod_rewrite - a2enmod rewrite - and restart Apache server.)
When your environment is ready, Monstra is waiting for you ;)
In my proof-of-concept I used same credentials as I found on the HTB machine - the 'default' one. ;]
To use it, we need to also prepare a ZIP file (with our shell in PHP). Zipped file should be in the same directory as poc-code.
After a while you should receive similar results to those presented below:
On your Ubuntu-server you should now see a new plugin-folder created (under <monstra>/tmp/), see below:
In case of creating a meterpreter session - I will leave it for you as an exercise ;)