Exploitation of Dolibarr 17.0.0 (CVE-2023-30253)
HackTheBox - BoardLight Writeup
Exploitation of Dolibarr 17.0.0 (CVE-2023-30253)
INFORMATION GHATERING
Nmap
Scan IP Address with nmap
1
nmap -p- -sV -sC --min-rate 1000 10.10.11.11
Nmap result:
- Port 22 is open (SSH)
- Port 80 is open (http)
After the nmap scan, its have an apache server listening on port 80. Try to access the ip in browser and find the domain.
Scroll down to the bottom of the page and i found a hostname
This post is licensed under CC BY 4.0 by the author.