Hi,
I’m hoping someone can help me?
I’ve managed to get into the C******* system and have found the CVE which I have modified to get RCE via both the script or manually through editing in the Web App and using Burp.
I know the RCE is working as I can ping myself and see request coming back with tcpdump and also read back results of commands i’ve passed (eg running whoami or ls commands). Whatever i seem to try though I’m not able to get an interactive reverse shell to work using this method. I’ve tried multiple types but none of them connect back? (I’m guessing due to the same thing that made getting the RCE working difficult)!
Should I be able to get a reverse shell from here or do i need enumerate further to get a shell?
TiA