I’m stuck on root. I feel like I’m at my wits end. Can anyone PM me a hint? I feel like I’m overlooking something.
There is a public exploit. It probably needs two sessions running to make it work.
Yeah, I’ve tried using the Frieen CE and bu**din the g* sct after making changes. I’m just having issues with it actually wanting to work inse the co*nr. Doesn’t run just throws an error.
./main: error while loading shared libraries: libgo.so.16: cannot open shared object file: No such file or directory
Initial Foothold : after all of your basic enumeration & stuff, you will be left with one thing to try out. think about all exploitable component in the web application. specially web applications !
User : it is all about hard enumeration to find what you need !
Root : if you find the exploit you can get root ! this is very interesting exploit and informative !
I could use a sanity check for root. I believe I’ve got the right exploit, I believe I’m executing it properly, but no matter my payload I don’t seem to get any sort of execution at all. Everything else looks right.
I could use a sanity check for root. I believe I’ve got the right exploit, I believe I’m executing it properly, but no matter my payload I don’t seem to get any sort of execution at all. Everything else looks right.
So it clearly depends on the exploit you are using.
If you are using the same one as I did, you need two sessions, one to run the command, grab the exploit and run the exploit.
I could use a sanity check for root. I believe I’ve got the right exploit, I believe I’m executing it properly, but no matter my payload I don’t seem to get any sort of execution at all. Everything else looks right.
So it clearly depends on the exploit you are using.
If you are using the same one as I did, you need two sessions, one to run the command, grab the exploit and run the exploit.
The second to run the command.
Hrm, this is exactly what I’m doing. Even get the “No help topic” message as the demo shows. It just doesn’t appear that anything else ever actually happens.
Somehow I managed to get the S** key for user. But if I try to login I always get a “Connection closed” message. Tho I think it is the right way, am I missing something?