Astronaut_Grav_Configs

Grav Configurations

---

Checking for configurations of the target Grav instance after performing a manual system enumeration

www-data@gravity:~/html/grav-admin$ head -n 1 CHANGELOG.md
# v1.7.8

The version is 1.7.8

Credential

---

www-data@gravity:~/html/grav-admin$ cat user/accounts/admin.yaml
state: enabled
email: admin@gravity.com
access:
  admin:
    login: true
    super: true
  site:
    login: true
fullname: admin
title: null
hashed_password: $2y$10$dlTNg17RfN4pkRctRm1m2u8cfTHHz7Im.m61AYB9UtLGL2PhlJwe.
pw_resets:
  - 1743430596
reset: '1e5510cedb37bda4b68624a4d94c96f2::1744035396'

Found the credential hash of the admin user; $2y$10$dlTNg17RfN4pkRctRm1m2u8cfTHHz7Im.m61AYB9UtLGL2PhlJwe. hashcat was unable to crack the hash