ok, now we will try hacking dvwa for get access root os linux..ok lets go to the steps ;)
+ Create backdoor with weevely
open the terminal, and write the command and run virtual box metasploit os
we generate the file with the name "weevely.py
ok time to open browser and login dvwa, dvwa address "192.168.56.101/dvwa" in here im using security DVWA "High"
+ Upload the backdoor and bypass DVWA proteck with DVWA
ok, now time to upload file weevely.py on DVWA.....look the pict bellow
opppsss we get trouble, but its ok !! calmdown and please drink coffe for make ur enjoy ...:D
see the picture....
ok now we open Burp Suite and make sure "intercept is on" and dont forget to see options for get address interface "127.0.0.1:8080" and we go to browser mozzila for setting preferance browser, we must choise "Manual proxy configuration"
ok next steps we will see Burp Suite again....:) look this report on burp suite and edit filename:="fargothen.php.jpg"....and now backdoor upload successfully...YiiiipppYY....;)
Now time to connect backdoor with virtualbox ;)
and now virtualbox connect with backdoor.....
+ Access Rooting
Now, I will search available user on target virtualbox.
Ok we use medusa for get id and password target..
-h for host, -u for username, -P for path wordlist, -e for option password, ns for blank password n username same as password, -M for module..
next step we must exploit linux karnel, i use udev file for exploit. but i need script for exploit karnel linux...how can i get the script ? we must download the script and compiler file.c to udev...
ok now after get file.c and time to compiler file, look the steps
if u follow the step, now back to virtualbox metasploit and make komputer listen, look the picture
after make computer target listen, we have need PID for run udev, how can we must get PID ? ok look the picture, and now we know PID is 2356
now we run udev with PID
and yiiiipppppiiii.......time to get access root....:D
+ Create backdoor with weevely
open the terminal, and write the command and run virtual box metasploit os
we generate the file with the name "weevely.py
ok time to open browser and login dvwa, dvwa address "192.168.56.101/dvwa" in here im using security DVWA "High"
+ Upload the backdoor and bypass DVWA proteck with DVWA
ok, now time to upload file weevely.py on DVWA.....look the pict bellow
see the picture....
ok next steps we will see Burp Suite again....:) look this report on burp suite and edit filename:="fargothen.php.jpg"....and now backdoor upload successfully...YiiiipppYY....;)
Now time to connect backdoor with virtualbox ;)
and now virtualbox connect with backdoor.....
+ Access Rooting
Now, I will search available user on target virtualbox.
Ok we use medusa for get id and password target..
-h for host, -u for username, -P for path wordlist, -e for option password, ns for blank password n username same as password, -M for module..
next step we must exploit linux karnel, i use udev file for exploit. but i need script for exploit karnel linux...how can i get the script ? we must download the script and compiler file.c to udev...
ok now after get file.c and time to compiler file, look the steps
if u follow the step, now back to virtualbox metasploit and make komputer listen, look the picture
after make computer target listen, we have need PID for run udev, how can we must get PID ? ok look the picture, and now we know PID is 2356
now we run udev with PID
and yiiiipppppiiii.......time to get access root....:D
0 comments:
Post a Comment