![]() ![]() Well it took me a couple of hours to figure out a solution for that issue, hope it will help anyone. Sorry for the screenshots in this resolution. When setting up the shell, you specify the VPN connection ip !!! instead of ip of your network interface!!!īe sure to make sure that you have 2 interfaces enabled, 1 - your network interface for Internet access, and 1 new VPN interface for connecting to the pwnbox network. That’s it - now you start a new VPN and everything should work. Sudo apt-get install openvpn network-managerĪfter that, you download the configuration file and create a new VPN interface in the settings of the Kali machine, where you import the configuration file without specifying a login and password! This can be done very quickly with the command The easiest way is to set up an open VPN on your Kali machine. You need a route from your kali machine to the attacked pwnbox server through a vpn tunnel. ![]() As has been written here many times.īut what if you are using your local Kali machine.įirst, I would like you to think about how does your Kali machine know the route through the VPN tunnel? You simply prescribe ip not of the network interface, but of the vpn connection. If you are using the pwnbox virtual machine, then things are much simpler. I myself have encountered this problem many times, but every time the task arose to attack a virtual server from my Kali machine, I always put off decisions for later, because I could not decide quickly. I want to help you solve the problem with the Kali machine. : if I stay inactive in the connection I established the connection on the port closes (which is normal) but when I try to execute the curl command I got a 404 which specify that the file is removed so I need to go through the process again and upload the file and…, I think that when the php script is terminated it deletes itself automatically which is a good cybersecurity best practice to not leave a print in the attacked machine. There’s something I still not understand, i.e. Normally in this case you should see on the terminal where you executed the “nc” command that you get a little $ to run your command and that the connection is established Now you’re listening on the port 33456 and you’re waiting for the machine to reverse connect you, you invoke the event by running the curl command (make sure that your filename is right) CONGRATS !! here’s the critical part :įirst of all run the nc command “nc -lvnp 33456” and before run it check that the firewall is disabled using the command “ufw status” Now you modified the file, you uploaded to the web server and you got that message on the web broser that your file is uploaded. “1234”, but for best practice let’s change it and to “33456” instead About the port number you can change the port or leave it as it is, i.e. and you can find it using either “ifconfig” or "ip a " command. I got the same problems I tried to go through everything and I made it in the end, so this will help you troubelshoot the issue and try everything :īefore uploading php-reverse-shell.php to the targe, first of all modify the IP address and put the one that was assigned to you through your connection to the Hackthebox network it start with 10.10.14.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |