↓Skip to main content

PROFTPD

OFFSEC - Proving Grounds - FRACTAL

30 August 2025·3258 words·16 mins

OFFSEC PG PRACTICE SYMFONY PROFILER PROFTPD MYSQL SSH-KEYGEN

Exploit Symfony 3.4.46 on port 80 via /_fragment RCE for initial access. Use MySQL creds from proftpd to add benoit user, log in via FTP, add SSH key, and escalate to root with sudo.