๐Ÿ‹Craft

Step1: Port Scanning

Tools

1. rustscan

2. nmap

┌──(root㉿kali)-[~]
└─# rustscan -a 192.168.157.169 --ulimit 5000

Open 192.168.157.169:80

2. nmap

nmap 192.168.157.169

We were not able to identify anything, so let us try a port scan with -Pn.

nmap 192.168.157.169 -sCV -p- --min-rate 10000 -A -Pn

80/tcp open http Apache httpd 2.4.48 ((Win64) OpenSSL/1.1.1k PHP/8.0.7)

We identified only port 80, so now we will browse and navigate the website to identify anything to exploit.

We can see that the site lets us upload files. Let us run web enumeration to identify the open directories.

gobuster dir -u http://192.168.157.169/ -w /usr/share/wordlists/seclists/Discovery/Web-Content/directory-list-2.3-medium.txt -x php,html,txt -t 50

We will try to upload some files to identify which file format we can upload to get a shell.

Now we will try to upload the files

We tried to upload a reverse shell exe file, but the site allows only ODT files. We will try to get the reverse shell file from the internet.
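An upload form that accepts only ODT is still accepting a ZIP container that can carry active content. The following is an added example, not part of the original walkthrough or of the target application: a server-side check that an upload really is an ODT package and has no macro or script storage. The function names, the size limit and the sample files are assumptions constructed for illustration.

```python
import io
import zipfile

ODT_MIME = b"application/vnd.oasis.opendocument.text"
# Package paths where LibreOffice keeps Basic libraries and other scripts.
ACTIVE_PREFIXES = ("Basic/", "Scripts/")
MAX_UNPACKED = 50 * 1024 * 1024  # assumed limit against decompression bombs


def inspect_odt(data):
    """Return the reasons to reject an upload; an empty list means accept."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return ["not a ZIP container, so not an ODT whatever the extension says"]
    problems = []
    with zf:
        infos = zf.infolist()
        # Check declared sizes before reading any member.
        if sum(i.file_size for i in infos) > MAX_UNPACKED:
            return ["unpacked size exceeds limit"]
        first = infos[0] if infos else None
        if (first is None or first.filename != "mimetype"
                or first.compress_type != zipfile.ZIP_STORED
                or zf.read(first) != ODT_MIME):
            problems.append("first entry is not a stored 'mimetype' declaring ODT")
        names = [i.filename for i in infos]
        active = sorted(n for n in names if n.startswith(ACTIVE_PREFIXES))
        if active:
            problems.append("macro/script storage present: " + ", ".join(active))
        if "content.xml" in names and b"<script:event-listener" in zf.read("content.xml"):
            problems.append("content.xml binds a document event to a script")
    return problems


def build_sample(extra=None, mime=ODT_MIME):
    """Constructed test input: a minimal ODT-shaped package."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(zipfile.ZipInfo("mimetype"), mime)  # ZipInfo defaults to ZIP_STORED
        zf.writestr("content.xml", "<office:document-content/>")
        for name, body in (extra or {}).items():
            zf.writestr(name, body)
    return buf.getvalue()


if __name__ == "__main__":
    print(inspect_odt(build_sample()))
    print(inspect_odt(build_sample({"Basic/Standard/Module1.xml": "<x/>"})))
    print(inspect_odt(b"MZ\x90\x00 constructed non-ZIP bytes"))
```

A clean result only means the package has no macro storage; uploaded documents should still be opened with macro execution disabled and stored outside the web root.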
