From a44dac04d43921d4fc67513f2ad580eecd4e60e5 Mon Sep 17 00:00:00 2001 From: Metin Yunus Kandemir <76125965+passtheticket@users.noreply.github.com> Date: Tue, 26 Mar 2024 00:33:06 +0300 Subject: [PATCH] Update README.md --- cockpitProject/README.md | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/cockpitProject/README.md b/cockpitProject/README.md index 9de8176..4dd519b 100644 --- a/cockpitProject/README.md +++ b/cockpitProject/README.md @@ -4,12 +4,8 @@ * OS: Ubuntu 18.04 * Page: login -User can detect open ssh port or another open ports on server that services Cockpit last version. This is a vulnerability that allows an user send request to internal hosts for detecting open ports. So that firewall configuration can be bypassed or the server can be used like gateway by malicious user for scanning process. -In addition, user induces the application to make an request back to the server that is hosting Cockpit. -For example: if system admin creates iptables rule to drop all packets that come to 22 port or another port, user can detect whether port 22 is open or not. - -Assuming that there is a iptables rule which port 22 is open for 127.0.0.1 (loopback interface) but is closed for other interfaces. - +An unauthenticated user can detect open ssh port or another open ports on server that services Cockpit last version. In addition, this vulnerability that allows a user sends request to internal hosts for detecting open ports so that firewall configuration can be bypassed or the server can be used like gateway by attacker user for scanning process. For example, if system admin creates iptables rule to drop all packets that come to 22 port or another port, user can detect whether port 22 is open or not. +Assuming that there is a rule which the port 22 is open for 127.0.0.1 (loopback interface) only . ``` First HTTP Request:
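Review bot: In the first added line, "Cockpit last version" does not identify a release, so a reader cannot tell which versions the finding applies to; state the version number that was tested, alongside the existing "OS: Ubuntu 18.04" entry. The rewrite also drops the removed sentence "user induces the application to make an request back to the server that is hosting Cockpit", which is what explained why the 127.0.0.1 example that follows works, so keep a form of it. In the same added line, "this vulnerability that allows a user sends request" should read "this vulnerability allows a user to send requests". The second added line no longer says the rule is an iptables rule, ends with a stray space before the period ("only ."), and now sits directly against the opening code fence because the blank line before it was deleted; restore the blank line so the paragraph and the fence stay separate.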