I still not found how to use the downloaded exploits (4****.rb , 4****.sh) to get access to the server . Anyone please give me a nudge.
i used the sh exploit, i edited it to work, just simple things, basick knowledge of shell script
Anyone able to help pls? Stuck on jy. Looked in il and found i**.p**. Saw something interesting in there but my buddy john wasn’t working today. Any help on where to go from here? Thanks in advance!
In very general terms, make sure it is executable (chmod) and then run filename.sh target
Thanks.
I’ve done this and get…
root@kali:~/Desktop# ./4****.sh 10.10.10.170
./4****.sh: line 8: $‘\r’: command not found
./4****.sh: line 16: $‘\r’: command not found
./4****.sh: line 18: $‘\r’: command not found
./4****.sh: line 24: syntax error: unexpected end of file
Edit: I have tried editing the file taking the white space out but can’t fix it.
I had this same error, i just removed all the commments and used the main couple of lines and it worked.
Hi, that was my issue too but from reading up more on the output of “sudo -l” I realized that it doesn’t say that you have sudo privileges to n*o but rather you can sudo n**o to one specific file (shown in the output of sudo -l).
Try doing that and if it still doesn’t work send me a message ^^
Rooted easy machine. I used Metasploit for my initial attack. If anyone used the .sh script to gain attack, please let me know. I’m tried it so many times, still now clear. Thank you
I know the name of user1 and user2 but dont know how to get access and continue
Look around more. You can find the password for user1 if you have a methodological search of the files and folders around where you issue you remote commands.
Got J* password from S**, got to the i****l dir and looked around. I know there’s something running in port 56 but cant seem to reach it by any means…tips?
aaand rooted. wow that was fun, thank you @dmw0ng !
my hints
foothold: CVE, straightforward
user1: enum the ■■■■ out of the files on the systems and grab all loot you find in them. never underestimate the power of the bad password habits.
user2: if you cannot go internal through a door, climb in the window
root: too easy to give any hint, just look for the standard stuff