NEXUS
OFFSEC - Proving Grounds - SONA
·3001 words·15 mins
OFFSEC PG PRACTICE
NEXUS
SONATYPE
Brute-force NEXUS admin password on port 23. Use credentials on port 8081 and using CVE-2020-10199 gives initial access. move laterally to sona and edit cronjob’s base64.py for root.