Firstly, make sure to spawn the target in, in my case,
-
+
+
Something to note about hackthebox attacks that isn't mentioned within the academy, is that the port number is where the malicious *thing* is, it's a neat little hint for things like this.
@@ 57,7 58,7 @@
```
Here we can see it's "Just Another Wordpress Site". Therefore, if we try to go to the domain:
-
+
Now it's time to use metasploit and see what we can do
