OSCP Prep Box 62 – CVE-2023-33831- Proving Grounds Practice

Posted on

Hi everyone

Today we are going to look for a Box called CVE-2023-33831 which is rated as intermediate in terms of difficulty. This machine has various phases: Recon, Enumeration and Exploitation,

Box Type: Linux

Recon & Enumeration

Enumeration plays a very significant role in pen testing. The more properly you enumerate the more it will be easy to get a foothold on the target.

First, we will check whether target is reachable or not with ping command:

ping Target_IP

With ping command output we found that the target is reachable.

Now let’s move ahead and run the port scan for which we will be using Nmap a popular tool for port scanning and it will provide details of the various ports which are in Open state. The command for that will be:

nmap -sC -sV -O -oA nmap/initial 192.168.233.35

nmap -sC -sV -O -p- -oA nmap/full 192.168.233.35 -T4

nmap -sU -O -oA nmap/udp 192.168.233.35 -T4

I discovered these ports are open:

  • 22/tcp – SSH Service running OpenSSH 8.2p1 Ubuntu 4ubuntu0.9 (Ubuntu Linux; protocol 2.0)
  • 80/tcp – HTTP Service running Node.js Express framework
  • OS: Linux

Then I went ahead and checked the IP in the web browser and I found a something running on port 1881:

I checked lab, editor and found version of FUXA in the editor window:

Exploitation

I found the Unauthenticated RCE exploit for the same and used it in order to get the root foothold:

Exploit Link

I started the netcat listener:

The above image shows the proof.txt file.

Key Takeaways

  • Enumeration isn’t just scanning, it’s about spotting the one version detail that leads to compromise.
  • Known CVEs aren’t plug-and-play, understanding how they work makes exploitation reliable.
  • Initial access is just the entry point, always validate what level of access you actually gained.
  • Web services often expose hidden attack paths, small endpoints can lead to full compromise.
  • Exploits fail more than they work, adapting them to the target environment is key.
  • Privilege escalation is about control, find what runs with higher privileges and make it execute your logic.

If you enjoyed this post, share it with your friends and colleagues!

Leave a Reply

Your email address will not be published. Required fields are marked *