PRISON MANAGEMENT SYSTEM
OFFSEC - Proving Grounds - VMDAK
·3176 words·15 mins
OSCP
OFFSEC PG PRACTICE
PRISON MANAGEMENT SYSTEM
MYSQL
CHISEL
JENKINS
BURP
Prison management system on port 9443 vulnerable to SQL injection & RCE once initial access got MySQL creds and SSH in. Using port forward on 8080 we can exploit Jenkins (CVE-2024-23897) for root.