search

Metallus

Writeup for Metallus from offsec Proving Grounds

hashtag
Information Gathering

sudo ./nmapAutomator.sh 192.168.70.96 all

hashtag
Service Enumeration

hashtag
HTTP (Port 40443)

We see that this is running ManageEngine Applications Manager (Build No: 14700).

We try the default credentials admin:admin and we are authenticated.

hashtag
Exploit

LogoManageEngine Applications Manager 14700 - Remote Code Execution (Authenticated)Exploit Databasechevron-right

And we're in.

PreviousInternalNextLinux

Last updated