plan.bitforge.lab


A virtual host / sub-domain, plan.bitforge.lab, has been discovered.

The /etc/hosts file on Kali has been updated for the plan.bitforge.lab host.

┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/bitforge]
└─$ curl -I -X OPTIONS http://plan.bitforge.lab/  
HTTP/1.1 302 Found
Date: Sat, 12 Apr 2025 15:00:48 GMT
Server: Apache
Location: www/index.php
Content-Length: 0
Content-Type: text/html; charset=UTF-8
 
 
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/bitforge]
└─$ curl -I -X OPTIONS http://plan.bitforge.lab/www/index.php
HTTP/1.1 200 OK
Date: Sat, 12 Apr 2025 15:00:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Set-Cookie: soplanningplanning_=jir16lj5t7ifvhlitpgeot2vtn; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1
 
 
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/bitforge]
└─$ curl -I http://plan.bitforge.lab/www/index.php        
HTTP/1.1 200 OK
Date: Sat, 12 Apr 2025 15:00:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Set-Cookie: soplanningplanning_=fij1lfn7nglvrvil5g94a6o347; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=iso-8859-1

The web root responds with a 302 redirect to www/index.php.

Login page for Simple Online Planning. Version information is disclosed: 1.52.01.

SOPlanning is online project management software designed to improve visibility for your team. Source code is available for review.

Vulnerabilities


The target SOPlanning instance suffers from an RCE vulnerability. However, it requires authentication.