GI Joe

less than 1 minute read

See GI Joe? CGI?

jh2i.com:50008/cgi-bin/

Doing some enumeration lead me to:

jh2i.com:50008/?-s

Which allows grabbing of the source code in older versions of PHP

CVE-2012-1823

https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1823

There’s a metasploit module to speed up this process

Share on

Twitter Facebook LinkedIn

THM Challenge

February 11, 2021

‘THM Challenge’ is a WebApp that I wrote to send along with my CV to TryHackMe when they were recruiting Content Engineers

Granny & Grandpa

January 27, 2021

Granny & Grandpa are a pair of identical easy rated boxes on Hack the Box. We’ll use metasploit to exploit a buffer overflow in IIS 6.0/WebDav for access and a kernel exploit for privesc

Optimum

January 25, 2021

‘Optimum’ is an easy rated box on Hack the Box. We’ll exploit a vulnerable version of HttpFileServer for access and use Windows Exploit Suggester to find a kernel exploit for privesc

‘Bashed’ is an easy rated box on Hack the Box. We’ll use gobuster to uncover some hidden directories on a webserver, use a custom bash/php client to gain a shell and exploit a script being run as a cronjob for root

tsustyle

Share on

You may also enjoy

THM Challenge

Granny & Grandpa

Optimum

Bashed