🎈 The web server on the default port 80 hosts a demo virtual host, accessible with guest credentials. While reviewing the links, I discover a MinIO Metrics section that is visible due to a Line Feed (LF) injection vulnerability.
This allows me to analyze the logs, leading to the discovery of a new virtual host.
This new virtual host uses the MinIO platform and reveals the service version, which is vulnerable to CVE-2023-28432. This is an information disclosure vulnerability that exposes the root user's credentials of the platform.
After a thorough analysis, I determine that a specific version of a bucket leaks critical information related to an identity-based secrets and encryption management system.
Finally, privilege escalation is achieved by leveraging a program that can be executed with elevated privileges by a user.
Pentester [ OSCP | ARTE | GRTE | CARTP | OSWP | eCCPTv2 | eWPT | CETI | eJPT ] EA2FCY
2moPrueba Ligolo y verás que no te hace falta tirar de hilos 😄