MantisBT Admin
Validating the cracked credential of the administrator user against the target Mantis Bug Tracker instance.
/Practice/Mantis_OffSec/3-Exploitation/attachments/Pasted-image-20250410215700.png)
/Practice/Mantis_OffSec/3-Exploitation/attachments/{C2DF0896-4483-4824-A463-F3DC23FCFF9A}.png)
/Practice/Mantis_OffSec/3-Exploitation/attachments/{48A9B236-A1D7-4534-BF54-ECD0A98CBA74}.png)
Validated
Authentication successful
Vulnerabilities
/Practice/Mantis_OffSec/3-Exploitation/attachments/{F501CB49-19EE-442D-BD41-E24058647694}.png)
Looking it up online for vulnerability reveals another article about an authenticated RCE exploit; CVE-2019-15715