Hello, im doing nibbles and im already in the admin account. And now im really lost what to do next. I tried many ways to exploit but i didnt get any progress. Pls help me. (Or pm me)
google for nibble exploits
i have this error and i choose password ,targeturi and username [-] Exploit aborted due to failure: no-access: Unable to login. Verify USERNAME/PASSWORD or TARGETURI.
Well you’re typing one of them wrong. username, password or targeturi.
@ozeren27 i know password and i know username and targeturi is nibbleblog …but not working ,why?
@T3jv1l said:
@ozeren27 i know password and i know username and targeturi is nibbleblog …but not working ,why?
For meterpreter you need to set lhost, rhost, uri, admin, password, and payload. And you need to pick the right payload.
Anyone got root? So stuck
@darthgucci lhost my ip ,rhost ip machine ,username axxxx , password xxxx , targeturi /nibbleblog/xxxx.php ,payload php/meterpreter/reverse_tcp …Why not worked?
@T3jv1l said:
@darthgucci lhost my ip ,rhost ip machine ,username axxxx , password xxxx , targeturi /nibbleblog/xxxx.php ,payload php/meterpreter/reverse_tcp …Why not worked?
Read/google the exploit, work out what it does, and do it manually. It’s a simple one
i try manualy but i dont know what port to use for nc
Try both and see what happens. Experiment.
I try the both …but nothing
for those of you trying to get root, once you enumerate the system you need to figure out how to exploit the interesting this you find from the enumeration output
also remember google is your friend
Could someone plz send me the login password? I had enough of bad enumerations and would like to move forward.
Thanks!
@BitsCruncher said:
Could someone plz send me the login password? I had enough of bad enumerations and would like to move forward.
Thanks!
Dude the password is literally staring you in the face…