OffSec Proving Grounds Practice Walkthrough: Helpdesk

Helpdesk is an easy level of difficulty that focuses on a directory traversal vulnerability in the software the endpoint is hosting.

Enumeration

We perform an nmap scan:

Let's take a look at the webpage being hosted on 8080:

Here we can see the version of the software that's running. From here we can do some research and focus on how to exploit it with the few details we have.

Exploitation

A couple of quick google searches give us two awesome finds:

We can confirm the credentials work by logging in and reaching the dashboard:

From here, we can follow the instructions in the exploit code:

Once the war file has been created and the listener has been set up, run the exploit code:

Check your listener and profit:

Reference for Exploit:

https://github.com/PeterSufliarsky/exploits/blob/master/CVE-2014-5301.py