The first step of this challenge is to load the provided .ova
file into VirtualBox.
To view all established network connections, run:
netstat -ano | findstr ESTABLISHED
After doing so, we observe three processes running with PIDs 1484
, 2412
, and 4552
.
To inspect a specific process, execute:
wmic process where ProcessId=1484 get Name,ExecutablePath,CommandLine
For this process, we find that it is Elasticsearch 1.1.1.
Given this version of Elasticsearch, the relevant vulnerability is CVE-2014-3120