In this tutorial, I will show you the simple privilege escalation attack on our lab. Therefore, I assume that pwnOS installed in Virtualbox as a target.
From the terminal, we can scanning the target OS (IP address 192.168.1.101)
From the above, we can see that there are several ports opened, such as port 22 (ssh), port 80 (http), etc.
After that, we can see the detail about a target with Nessus.
Ok, port 10000 (webmin) opened, now we will use exploit-db for exploit this service
We will try exploit it with /multiple/remote/2017.pl
Just type this file in terminal.
So, will display help on how to use this file.
Ok, let's try!!. We want to open /etc/shadow in target.
Ok, as we know from that figure, the target have user vmware, obama, osama, yomama.
Thank you !1 :-)
No comments:
Post a Comment