Please enable JavaScript.
Coggle requires JavaScript to display documents.
library 2 (1.Finding machine IP (ifconfig (target IP achieved (2.port…
library 2
1.Finding machine IP
ifconfig
target IP achieved
2.port scanning
nmap -sS ip
HTTP PORT 80
FTP PORT 21
3.Enumeration
http://192.168.137.157
web page
page source detail
not necessory info :red_cross:
4.Dirbuster
for obtaining useful directories and files
htpasswd.php
response 403 :red_cross:
5.library.php
found webpage listing the name of few countries
1 more item...
response200 :check:
htaccess
response 403 :red_cross:
applying brute force
9.Exploitation
10.sql injection
sqlmap -r request.txt --dbs --batch --risk 3 --level 5
found Directories for enumerating the usernames and passwords
11.library
12.FTP LOGIN CREDENTIALS
13.conect to target system though ftp port :check:
nothing useful :red_cross:
list html directory
1 more item...
mysql
sys
17.Privilege Escalation
netcat session
18.nc -lvp 4444
19.listen uploaded shell
limited priviledge cant access terminal of target machine
19.python -c 'import pty; pty.spawn("/bin/sh")
cd /var/mail for password searching
20.welcome file
welcome administrator : :star:
2 more items...
cd /var/lib
no useful info :red_cross: