Sense

Search…

Sense

Sense - 10.10.10.60
Target Enumeration:
OS: Linux
IP: 10.10.10.60
User: 8721327cc232073b40d27d9c17e7348b
Root: d08c32a5d4f8c8b10e76eb51a69f1a86
Ports / Services / Software Versions Running
80/tcp  open http     lighttpd 1.4.35
443/tcp open  ssl/http lighttpd 1.4.35
Vulnerability Exploited:
pfSense, a free BSD based open source firewall distribution, version  <= 2.2.6 contains a remote command execution vulnerability post authentication in the _rrd_graph_img.php page. The vulnerability  occurs via the graph GET parameter. A non-administrative authenticated attacker can inject arbitrary operating system commands and execute them as the root user. Verified against 2.2.6,  2.2.5, and 2.1.3.
Exploiting the host:
Nmap
Gobuster:
Website is pfsense
Changelog.txt gives us some information to consider when exploiting
Checking searchsploit gives us the following to consider:
Most do not work authenticated so we need credentials:
Changing our wordlist we discover a new set of credentials:
Default password is pfsense
Load metasploit with and set the following options and execute to get root:
Get root & collect the user flag.

Hack The Box last updated - 2019 - Previous

Tally

Next - Hack The Box last updated - 2019

Jeeves

Last modified 3yr ago

Copy link

Outline

Sense - 10.10.10.60

Ports / Services / Software Versions Running

Vulnerability Exploited:

Exploiting the host: