PG Helpdesk

The first thing that catches my eye is Samba and Tomcat. I go after Samba first.

I exploited MS09-050 (CVE-2009-3103) a few hours ago on the PG-Internal box. I try the same metasploit exploit again. It does not work. I try to list out the shares using smbclient -L \\192.168.232.43 and smbmap -H 192.168.232.43 -r. It does not work. I abandon Samba and go after the Tomcat instance next.





The app looks very retro 90s. This gives me high hopes this is the way in. I google default creds. I copy/paste administrator into the username and password box. I am in. I navigate for about 10 minutes and then see the "About" link. I can get a version out of that. The version is "ManageEngine ServiceDesk 7.6.0 build 7601". I google that and put "exploit" at the end. I read through the first github return and decide to try.

⭐ Solved In Under An Hour ⭐

Lessons Learned

  1. First time seeing ManageEngine ServiceDesk 7.6.0
  2. Nothing else learned. Good indication I should jump to Intermediate boxes soon. I may leave these Easy Boxes for when I have time-restricted days.

Comments

Popular posts from this blog

Palo Alto for GNS3 CCDC Tutorial

Trace Labs Global Missing Persons CTF V

Release of CCDC ISE Manager Website