2 docs tagged with "OSCPprep/TJNull"

This is a Linux machine vulnerable to CVE-2023-43364. Gained user credentials from config file of git folder. sudo -l showed file executed by root. Exploited relative file path to gain root access.

A Linux machine vulnerable to SSRF exploited via CVE-2023-27163 allowing to view hidden service - Mailtrail running on port 80. This service - Maltrail (v0.53) is vulnerable to RCE allowing user shell access. This is escalated using misconfigured systemctl binary of version systemd 245 (245.4-4ubuntu3.22) vulnarable to CVE-2023-26604 allowing root shell access.