@jasperonio said:
Am I the only one can’t found script to exploit h++p based b+++er o+++f+++ of r+++s ? ■■■■!
I figure out the vulnerability is CVE-2019-101++ but now I don’t know what can I do, if it’s right way… Any hint for me, please?
Rooted the box, learned a lot. Thanks to @TheCyberGeek.
Hints:
Everything on this forum is already enough but sharing my part.
Foothold: Do not waste time on regular port, stick to rs, get the script fine tune it and you are in.
User: Do very basic enum and you will get the juicy file just give it to john as he loves juicy things.
Root: You will need to use m*****t get the right exploit that you found on higher port run it and you are done.
I am studying for the OSCP and I have just rooted this box. If anyone was able to get root without the “tool that makes it easy”. Please send me a message. I am trying to find a way to do it but I am not too sure how to go about it.
I got access to r… user and found i._…b… file and got a match of c…8 using john. Do I need to use this information to port 10,…? I tried using s.h to M…t and r…t but Permission denied.
Rooted my first box. Thank you @TheCyberGeek, I learned a lot.
I’m stuck, I can’t even understand how to get the user r***s. Even with all the clues, the exploits don’t work and I don’t understand what I have to list, please PM me
I found the service through an initial scan, but when I try to run an exploit it constantly states it’s not vulnerable. I’m a complete noob in this so a nudge in the right direction (e…g articles, tutorials) would be nice!
i have tried to exploit r**** with metasploit the check is ok but the exploit faill every time
I don t know if i have to add something to the exploit any hint