Compared to other ‘Easy’ machines this was quite different! I think this box would be easy for those who are familiar with certain tools and quite challenging for the who are not, which was my case. Thanks to @MariaB for their help.
A lot of the comments already on the forum will help you. I want to reiterate the tips for foothold, don’t dismiss what is in front of you, enumerate everything but don’t be drawn into a rabbit hole.
For root, I could not find anything on the box to help me move forward but once you understand what to do there are tools out there that an help.
I enjoyed this machine quite a bit. Searching for exploit was PITA because everything tells you “it is one time job”. Apparently it is not.
I also struggled a bit with ssh. I forgot than in Parrot ssh service is disabled by default. I was banging my head against the wall why my p****.*** was not connecting…
Thanks @egotisticalSW for nice machine and @TazWake for your invaluable support and thorough comments.
Got the initial web shell but not able to upgrade it. Tried downloading nc.exe for reverse shell but did not work… can anyone nudge me in the right direction…
I enjoyed this machine quite a bit. Searching for exploit was PITA because everything tells you “it is one time job”. Apparently it is not.
I also struggled a bit with ssh. I forgot than in Parrot ssh service is disabled by default. I was banging my head against the wall why my p****.*** was not connecting…
Yeah, I think this has tripped up a few people. I was fortunate in that a few retired boxes have needed port forwarding like this, so I remembered to turn it on
Thanks @egotisticalSW for nice machine and @TazWake for your invaluable support and thorough comments.
Got the initial web shell but not able to upgrade it. Tried downloading nc.exe for reverse shell but did not work… can anyone nudge me in the right direction…
What is a surefire way to get a file onto the remote machine via a webshell? If I don’t run with powershell.exe before the command it says the command is not recognized so is the webshell not actually talking to powershell? If I run it with the powershell.exe I get an error saying the machine cant connect to my remote server which I’m hosting with python. I can ping my attack machine so I know the IP is correct and the interface is working but still unsure what is happening.
What is a surefire way to get a file onto the remote machine via a webshell? If I don’t run with powershell.exe before the command it says the command is not recognized so is the webshell not actually talking to powershell? If I run it with the powershell.exe I get an error saying the machine cant connect to my remote server which I’m hosting with python. I can ping my attack machine so I know the IP is correct and the interface is working but still unsure what is happening.
Invoke-WebRequest should work. Try a full path in the -outfile
That was it so it seems. Thank you so much. The issue now is some kind of lag that causes the file not to be downloaded. It shows the file in the remote machines directory but with size 0. I assume this is a network issue.
Update: Running a personal VPN on top of OpenVPN seems to cause some issues.
What is a surefire way to get a file onto the remote machine via a webshell? If I don’t run with powershell.exe before the command it says the command is not recognized so is the webshell not actually talking to powershell? If I run it with the powershell.exe I get an error saying the machine cant connect to my remote server which I’m hosting with python. I can ping my attack machine so I know the IP is correct and the interface is working but still unsure what is happening.
What is a surefire way to get a file onto the remote machine via a webshell? If I don’t run with powershell.exe before the command it says the command is not recognized so is the webshell not actually talking to powershell? If I run it with the powershell.exe I get an error saying the machine cant connect to my remote server which I’m hosting with python. I can ping my attack machine so I know the IP is correct and the interface is working but still unsure what is happening.
Depending on the exploit you used, you can use commands in the browser to download files to the machine in the directory where your shell landed. You can also use this to execute them. There are cross-platform tools designed for manipulating servers.
What is a surefire way to get a file onto the remote machine via a webshell? If I don’t run with powershell.exe before the command it says the command is not recognized so is the webshell not actually talking to powershell? If I run it with the powershell.exe I get an error saying the machine cant connect to my remote server which I’m hosting with python. I can ping my attack machine so I know the IP is correct and the interface is working but still unsure what is happening.
What is a surefire way to get a file onto the remote machine via a webshell? If I don’t run with powershell.exe before the command it says the command is not recognized so is the webshell not actually talking to powershell? If I run it with the powershell.exe I get an error saying the machine cant connect to my remote server which I’m hosting with python. I can ping my attack machine so I know the IP is correct and the interface is working but still unsure what is happening.
And the curl command?.. Directly from the directory where your shell landed.
Yeah that works too. Thanks for the insight. I’m just glad I was able to confirm that these commands should work when input correctly rather than thinking it was something else.