외로운 Nova의 작업실

1. port scan result address port 10.10.10.13 22,80,53 2. initial access - sql injection Vulnerability Explanation : admin.cronos.htb web page do not verify input value. so i could inject the sql query, i access admin page. and also, admin.cronos.htb/welcome.php page do not verify input value. i could inject the command query. so, i geted reverse_shell Vulnerability Fix : always verify user's inp..

1. port scan result address port 10.10.10.7 22,80,110,111,143,443 2. initial access - LFI vulnerability Vulnerability Explanation : when i acceessed https, i find out that this web server is elastix. elastix 2.2.0 version has LFI vulnerability. i tried to use the LFI exploit for web server. and this web server has been vuln Vulnerability Fix : update elastix server Severity : critical Steps to r..

1. port scan result adree prot 10.10.10.75 22,80 2. initial access - nibbles plugin vulunability Vulnerability Explanation : i find out that web page use nibbles plugin and find out that plugin version is 3.7. this version has CVE-2015-6967. Vulnerability Fix : upate nibbles plugin Severity : critical Steps to reproduce the attack : using this vulnerability need to id and password. so, i should ..

1. port scan result address port 10.10.10.3 21,22,139,445 2. initial access - sambd Vulnerability Vulnerability Explanation : when i have scanned, i find out sambd in port 445 and this version was 3.0.20. this version has CVE-2007-2447. this Vulnability be occured by precces that excute script to mapping user name Vulnerability Fix : update smbd version Severity : critical Steps to reproduce the..

1. port scan result IP Address Port 10.10.10.68 80 2. initial access - phpbash.php Vulnerability Explanation :I have scanned the port . i used gobuster to find directorys. i finded phpbash.php in /var directory. this php file was server bash program as www-data user. there is picture below Vulnerability Fix : if it is possibe, delete phpbashe.php file Severity : critical, Steps to reproduce the ..

1. port scan result 2. initial access Vulnerability Explanation : Vulnerability Fix : Severity : critical Steps to reproduce the attack : post-exploitation : 3. lateral movement Vulnerability Explanation : Vulnerability Fix : Severity : critical, Steps to reproduce the attack : post-exploitation : 4. privilege escalation Vulnerability Explanation : Vulnerability Fix : Severity : critical, Steps ..

1. port scan result IP Address Open Port 10.10.10.4 135 139 445 2. initial access - ms08_067 vulnerability Vulnerability Explanation :I scanned the port and the 445 port was running as SMB protocol. system os was window XP. window XP is subject to ms08_067 vulnerability. Attacker can use this vulnerability to cause arbitrary remote code excution and take complete control over the system Vulnerab..

1. port scan result IP Address Port Open 10.10.10.56 80 2. initial access - ShellShock Vulnerability Explanation : CGI to use Shell is subject to ShellShcok vulnerability. Attacker can use this vulnerability to cause arbitrary remote code excution and take complete control over the system Vulnerability Fix : update to latest bash shell and move CGI directory(cgi-bin) to place where user can't ac..