🪒Sense
https://app.hackthebox.com/machines/111
The first problem was to run the gobuster, i had the following error:
The problem comes from an issue with the SSL certificate on the server. The certificate either has already expired or its validity period hasn't started yet, according to the system's clock.
So the command to fix this was:
we found a system-users.txt directory after our scan ->
So after a quick google search we can see that pfsense default credentials is:
So via the login page at /index.html ->
we're in a control panel:
We find this command injection potentially useful:
after a bit of enumeration, we can see how to abuse this CVE:
So let's go to this directory, and capture a request on burp:
Not sure if it's cheating (probably) but i found this script in a GitHub to exploit this vuln: https://github.com/Alamot/code-snippets/blob/master/hacking/HTB/Sense/autopwn_sense.py
Now let's see another way, let's be more manual:
Copy the payload to your local machine:
now we look at the args:
nice one, get the user flag and root flag all in one ->
Last updated