Table of Contents

Description :

This is second in following series from SickOs and is independent of the prior releases, scope of challenge is to gain highest privileges on the system.

image


Nmap Scan :

Output :

image


Use whatweb :

image


Open the IP in browser :

image


Use Dirb to look for hidden objects :

You will find /test.

Use http-methods.nse :

Finds out what options are supported by an HTTP server by sending an OPTIONS request. Lists potentially risky methods.

Copy php-reverse-shell so that we can use it :

image


Upload that php-reverse-shell using curl (change IP (your IP) and port (443)) :

image

You will see that our exploit is uploaded :

image


Set a netcat listener and open the exploit in the browser :

image


Set a nc listener in new tab :

image


Make an exploit :

image

Give it executable permissions :

image


You will get be root in the new shell :

image


Thanks for reading this post, if you like my work you can support by buying me a pizza. πŸ•