Kioptrix 2
Discovery/Enum/vuln searching
web server scanning
nikto -h [ip]
Dir scanning
found some dir
found phpmyadmin
searching for breadcrumbs or vulns on the login page
we found the login is vulnerable to SQL injection
check out web
found a login page
services scanning
nmap
found open ports and running services
nmap -sn
Exploiting vuln
ping box appeared
searching vuln
we found typed commands are passed directly to the shell
creating reverse connection using bash
got shell
setting up listener
let's try logging in as 'admin' and bypassing the password
injection successful
Gaining Access
Local Enum
uname -a
uname -mrs
/etc/redhat-release
found exploit
www.exploit-db.com/download/9542
gcc
Run
ROOT
cat /etc/issue