I uploaded a webshell using the exploit from e*****tdb and the admin credentials but the shell doesn’t seem to respond, I don’t know if I’m getting the upload path wrong or somehow it’s getting deleted, if anyone got the same issue and could help with nudges I would appreciate very much! (I tryied some other things and I think I took the box down :neutral:)
PS: I manage to make uploads manually using burp. but still can’t get much response… At least I now know that the upload is successful since when I try to trigger a reverse shell which daemonise itself I get a common error: "WARNING: Failed to daemonise. This is quite common and not fatal. () " but still no connection. I was also able to upload a file with only the content “test” and it gets succesfully displayed but I can’t make it parse any commands to the system…
I discovered a .sh***p file in the downloaded archive. However when opening it in browser it gives a blank page and with curl I get a 404. It’s a rabbit hole I guess, or is it not?
Ok, have RCE, but not reverse shell. I would appreciate hint or some sake where I lost it.
The box can be done without having a reverse shell.
If you have RCE and not just P** CE, you can assume that something is blocking you from getting one.