Latest Write-ups

Proving Grounds - Hub

Box Overview

Hub is a Linux machine from Offensive Security’s Proving Grounds featuring FuguHub - a web-based file server with an unauthenticated remote code execution vulnerability. This box demonstrates the importance of patching known CVEs and proper authentication mechanisms.

Enumeration

Nmap Scan

    sudo nmap -sS -sC -A 192.168.229.25 -T4 -oN first.scan

Open Ports:

22/tcp - SSH (OpenSSH 8.4p1 Debian)
80/tcp - HTTP (nginx 1.18.0) - 403 Forbidden
8082/tcp - HTTP (Barracuda Embedded Web Server) - FuguHub
9999/tcp - HTTPS (Barracuda Embedded Web Server) - FuguHub SSL

Service Analysis

Port 8082 - FuguHub

Interesting findings:
