Type your comment> @k4wld said:
Type your comment> @ue4dai said:
I feel stupid for asking, but I cannot get any exe tools onto the box. The exploit works to get that webshell, and often others have left tools laying all over the place. But I’m stuck trying to figure out how they did that. Using c–l does begin but only ~1.3k ever transfers, then after a few minutes times out. I am not seeing what the issue is. I assume something on the box? There was mention of error in exploit script but I’m not seeing that either. The easy Win boxes always have some “WTF?” moments for me.
The c.rl tool works just fine on this box. Maybe the tool that exposes the download link on your “attacker” box has an issue or your internet connection is bad? … Try it locally first is and see if the download works at all.
Thanks @k4wid for the sanity check. Yes, the old standby python httpd seems to be working fine. With wireshark up see lots of TCP retransmissions to Buff. n-.e-- did finally go through just once, but it was extremely slow. There’s no iptables involved either. Very odd.
TCP 1397 byte retransmissions begin right away after HTTP 200 from Buff to Kali VM. Not seeing any responses from Buff after that, just seems to stall. ???
~~Hits a “Maximum execution time of 120 seconds exceeded …” in the webshell. ~~
BTW: This happens regardless of calling from webshell or reverse nc initiated from webshell (should someone have left nc on there).
Ok. Well. Apparently Buff via HTB VPN via home router privacy VPN connection == unhappy Buff. Not an issue on other boxes that I’d noticed. C’est la guerre.