July 11, 2021 at 10:50 pm #56589
I think I am doing everything correctly and as far as I’m aware netcat makes the connection but then immediately drops out for some reason with nothing sent and received as in the following screenshot:
I’m not sure if that is the best way to put in images or not either, sigh?
The commands I used are as follows, initially when I attemted to log in with the ssh random@(ip address) I got a yes/no/fingerprint option. Would that make a different to whether I could subsequently establish the shell with netcat:
The command I used for to attempt to run on the server before I encoded it in Burpsuite is:
And the final command I used was:
Hopefully you should be able to see all the screenshots I took and be able to spot what I’m doing wrong?
NickJuly 11, 2021 at 10:51 pm #56590
I’m not sure if the snapshots have uploaded correctly. I don’t think they have. Could you let me know if you can’t see them and what I’ve done wrong please.
Thanks and regards
NickJuly 11, 2021 at 10:54 pm #56591
It appears the images are sort of working if you right click on them and open them in a new tab. However, whilst the URL for my screenshots are all different they have the same descriptions because I just cut and pasted the link and only changed the image name but not each description. Please bare with me as I come to grips on your system for uploading pictures.
NickJuly 12, 2021 at 5:59 pm #56620
Yes, I can see the screenshots fine.
Can you show the results of:
ifconfig and route -n in kali and metasploitable
Can you share a screenshot of the Network settings used in VirtualBox for both machines?
Also have you run the nc command directly in metasploitable terminal? Is it working fine?
DiegoJuly 13, 2021 at 5:36 pm #56634
First, thanks for getting back to me. Second I think I’ve got all the screenshots you want!
Ifconfig of Kali machine:
ifconfig of Metasploitable machine:
route -n of Kali machine:
route -n of Metasploitable machine:
Network settings of Kali VM:
Network settings of Metasploitable machine:
I think that is them all and I hope they work. Phew!!!! There must be easier ways to add images to a question in this forum!
I tried the nc command directly on the metaspoitable machine and got exactly the same response which is interesting. What is also interesting is that in the lecture about code execution vulnerabilities I was able to execute the nc command on the metaspoitable machine perfectly and it established the shell. So what do you think all this means?
Thanks for your help and regards.
NickJuly 13, 2021 at 5:59 pm #56637
In the nc command entered in metasplitable can you add a / before bin? So it has to look like /bin/sh, then try it again.
DiegoJuly 14, 2021 at 4:31 pm #56665
Dammit!!!!! Such a small mistake and everything fails. I added the / slash and it worked fine. Well spotted and thank you.
NickJuly 15, 2021 at 5:30 pm #56692
DiegoJuly 18, 2021 at 10:59 am #56750
I followed Zaid’s Ethical Hacking course on Udemy and I’m glad to have your support again on this course.
Thanks and regards
NickJuly 19, 2021 at 5:49 pm #56794
You’re welcome mate!
- You must be logged in to reply to this topic.