I got user and root, and was going back to poke some more, but the same script and time range I used before, multiple times, is not working now. What gives?!
EDIT: Never mind. I had Metasploit listening for the reverse shell, and when the script hit my evil file it connected to the shell and then died without reporting it as a valid link.
Guy am i just being heavily retarded here, Ive gone the low port route and called the git script which then gives me a success, However when i follow the link im greeted with a 404 and get no return no matter how i set this up, fairly new so any PM or help is greatly appreciated.
When I run a Nmap scan (nmap -sV -sC -oA nmap 10.10.10.121) the result I get is:
“PORT STATE SERVICE VERSION
25/tcp open tcpwrapped
|_smtp-commands: Couldn’t establish connection on port 25”
I also tried “enum4linux” but didn’t get anything.
How should I proceed from here? Need some help/guidance…
When I run a Nmap scan (nmap -sV -sC -oA nmap 10.10.10.121) the result I get is:
“PORT STATE SERVICE VERSION
25/tcp open tcpwrapped
|_smtp-commands: Couldn’t establish connection on port 25”
I also tried “enum4linux” but didn’t get anything.
How should I proceed from here? Need some help/guidance…
When I run a Nmap scan (nmap -sV -sC -oA nmap 10.10.10.121) the result I get is:
“PORT STATE SERVICE VERSION
25/tcp open tcpwrapped
|_smtp-commands: Couldn’t establish connection on port 25”
I also tried “enum4linux” but didn’t get anything.
How should I proceed from here? Need some help/guidance…
When I run a Nmap scan (nmap -sV -sC -oA nmap 10.10.10.121) the result I get is:
“PORT STATE SERVICE VERSION
25/tcp open tcpwrapped
|_smtp-commands: Couldn’t establish connection on port 25”
I also tried “enum4linux” but didn’t get anything.
How should I proceed from here? Need some help/guidance…
I think you should start by studying and learning. There are lots of videos with walkthroughs, check for example ippsec channel wich absolutely great. Also read writeups.
You have to build a base of knowledge.
Someone can give me a tip with the user of this box. I understand that the server date with my PC is not coordinated but I don’t know where to go from here.
I’m banging my head against a brick wall … I have found the user injection point, I have found the folder for t*****s, and I have tested with a jpg and txt. I just can’t get past the extension filter. Can someone PM me with a hint
i NEED HELP plz , i stuck with the upload shell, i found the creds from port XXXX, and i logged into the main web site and found out that the upload direction would be easier than to get admin by b**** s*** , but i couldn’t upload the shell, btw i read the source code and i tried harder, all the ways that i know to bypass the upload mechanism, any hint for that point plz.