Hack The Box :: Sense

pfsense | default credentials | exposed unattended files

Run Nmap to see what the machine is running.

Visiting the web server gives the pfSense login page. It doesn't accept the default credentials admin/pfsense. Next, run directory recon on the web server.

changelog.txt and system-users.txt look interesting.

So it looks like rohit might be one of the users. Could the password be the default, pfsense?
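The two files found above were readable by anyone who requested them from the web server. As an added example (not part of the original write-up), this server-side audit walks a web root and lists stray text-like files, flagging lines that mention accounts or passwords. The extension list, keyword pattern and sample file contents are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Assumption: extensions a web application rarely needs to serve to visitors.
STRAY_EXTENSIONS = {".txt", ".bak", ".old", ".log", ".sql", ".conf"}
# Assumption: words that suggest account or credential details in a file.
CREDENTIAL_HINT = re.compile(r"\b(user(name)?|passw(or)?d|login|credential)s?\b", re.I)

def audit_webroot(webroot):
    """Return [(relative_path, [matching lines])] for stray files under webroot."""
    findings = []
    for dirpath, _dirs, files in os.walk(webroot):
        for name in sorted(files):
            if os.path.splitext(name)[1].lower() not in STRAY_EXTENSIONS:
                continue  # application code is out of scope for this check
            path = os.path.join(dirpath, name)
            try:
                with open(path, "r", errors="replace") as fh:
                    hits = [ln.strip() for ln in fh if CREDENTIAL_HINT.search(ln)]
            except OSError:
                hits = ["<unreadable>"]
            findings.append((os.path.relpath(path, webroot), hits))
    return sorted(findings)

def demo():
    """Build a constructed web root in a temp directory and audit it."""
    with tempfile.TemporaryDirectory() as root:
        samples = {  # constructed sample contents, not the files from the box
            "index.php": "<?php echo 'login'; ?>\n",
            "changelog.txt": "# Security Changelog\nPatched 2 of 3 issues\n",
            "system-users.txt": "username: exampleuser\npassword: company defaults\n",
        }
        for name, body in samples.items():
            with open(os.path.join(root, name), "w") as fh:
                fh.write(body)
        return audit_webroot(root)

if __name__ == "__main__":
    for rel, hits in demo():
        print(rel, "->", hits or "no credential keywords, still review")
```

Every file it reports is a candidate for removal from the document root, including ones with no keyword hits, since a changelog alone can disclose patch status.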

Searching for that version of pfSense in Metasploit gives a hit.

And we have root!

