Now let’s attempt to browse to our test file. Let’s connect to the FTP client & see if we can add files to the website. Remember how we saw that file on the FTP server from the nmap output? Let’s open a browser and see what we see at that page.Īfter viewing the page source, we see that the website is just pulling up welcome.png as the image. Port 80 is open and running Microsoft IIS 7.5, a webserver. We also see that there are some files present iisstart.html & welcome.png. This is the command I use, but you can use whatever you like best.įrom the output of the scan, we see that FTP on port 21 is open to anonymous login. To start out, let’s run a nmap scan to see what ports are open on the box. Turning Command Execution to Reverse Shell.I’m rating this as an easy box since the privilege escalation piece was simple when utilizing a kernel exploit, and the the initial way in isn’t super realistic. This was a simple box, but I did run into a curve-ball when getting my initial foothold.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |