My target requires the
Authorization header with credentials to get into. I have the credentials but the module I’m using (
multi/http/mediawiki_thumb) doesn’t seem to have an option for
I’ve tried setting
user:firstname.lastname@example.org but that gives the error
(-) Exploit failed: One or more options failed to validate: RHOSTS..
I’ve also tried setting
HttpPassword to the respetive credentials, with
/ (I believe that’s the root since it’s the root of the files in mediawiki, confirmed by running
gobuster on files in the repository) but that gives me the error
(-) Exploit aborted due to failure: unexpected-reply: Couldn't find login token. Is URI set correctly?.
What am I doing wrong here? Is it the URI or the