Hi guys, What should i do to exploit the CVE-2014-2324 vulnerability?

Hi Criminal IP Forums!

When I’m exploiting the CVE-2014-2324 vulnerablity : I get the following error

HTTP / 1.1 401 Unauthorized
There is a login on the server port 80

And my exploit won’t applied

What should I do to exploit this vulnerability?

Who is the target?

What do you mean? There is lighttpd on port 80 and it shows me a login page.

yeah, but who are u attacking? what web

Does it really matter? I’m just asking a question. Just give me a solution

it does matter, attacking on a legit website is illegal, before saying anything on the group read the rules, in the rules no illegal stuff here, hence i cant give u anything about what ur asking

How can you know If it’s illegal or not? And how can I share my server ip? It’s not possible right?

lol, according to any law, if u dont have a written permission to try and penetrate a website, thats illegal. and if u do have a permission, then u are a pentester, so u should know what to do in what situation that u counter in ur session instead of asking a telegram group

the first thing is to authorize urself somehow

I don’t want to hack anywhere without the permission. I’m not a pro pen tester. I just saw this bug and want to know about this issue and why this happened. So I said maybe you guys can help me why I get 401 error while exploiting

don’t know much about that CVE entry. unless you intend to responsibly disclose, don’t take your testing to its logical end

that CVE comes with another one which 2014-2323 wich is an sql injection.

As long as the site isn’t broken, he can get permission. that’s how big bounties work

but its pretty old i mean 2014. what website still have such thing.

an old site using legacy products or a lazy sysadmin