I have been working in the Telecom industry for just over 10 years, and in the last 2 years, I have been dedicating a lot of time to the study of Offensive Pentesting.

In the midst of this journey, I came across VitalPBX, an excellent platform for those who want to build their own call center, with various features and well-designed reports, among other benefits.

While admiring the platform and exploring its features, I came across the Task Manager module, which, in conjunction with Cron Profiles, allows you to schedule a script to be executed through the VitalPBX interface itself. I found this functionality very interesting and decided to test it.

However, for this to work, it's necessary to place a script in a specific directory, which is "/var/lib/vitalpbx/scripts", and enable the Task Manager add-on.



So, out of curiosity, I began analyzing what was being sent to the server using Burp. To do this, I created a Cron Profile to execute every minute.



Next, I proceeded to create the Task Manager.
