RDS
OFFSEC - Proving Grounds - ZENPHOTO
·2772 words·14 mins
OFFSEC PG PRACTICE
ZENPHOTO
RDS
Website on port 80 runs ZENPHOTO 1.4.1.4, vulnerable to RCE exploit, granting www-data access. RDS Protocol LPE (CVE-2010-3904) escalates to root.