![]() The second netcat command was the winner. Then, I tried executing different reverse shells from pentestmonkey’s website. I tried to execute a command, but since the output was not displayed, I couldn’t make use of it. I chose the easy way, but it got me nowhere. readhash b5f4723bd6df85b54b0905bd6d734be9ef1cc1eb977413a932a828b5c52ef5a6 You have one more command until the server shuts down. I went back to check out port 9072 with netcat: nc 192.168.43.246 9072 BLACKLIGHT console mk1. There was also a blacklight.dict file, but at this point, it was not useful. There was nothing particularly interesting on the server except the robots.txt file, which revealed the first flag. help for instructions 1 service unrecognized despite returning data. ![]() Not shown: 65533 closed ports PORT STATE SERVICE VERSION 80/tcp open http Apache httpd 2.4.29 ((Ubuntu)) |_http-server-header: Apache/2.4.29 (Ubuntu) |_http-title: BLACKLIGHT 9072/tcp open unknown | fingerprint-strings: | DNSStatusRequestTCP, DNSVersionBindReqTCP, FourOhFourRequest, GenericLines, GetRequest, HTTPOptions, Help, Kerberos, LANDesk-RC, LDAPBindReq, LDAPSearchReq, LPDString, NCP, NULL, RPCCheck, RTSPRequest, SIPOptions, SMBProgNeg, SSLSessionReq, TLSSessionReq, TerminalServer, X11Probe: |_ BLACKLIGHT console mk1. The usual nmap scan returned the following: nmap -A -p- 192.168.43.246 Nmap scan report for blacklight (192.168.43.246) Host is up (0.00020s latency).
0 Comments
Leave a Reply. |