[Academy hack the box][Shells & Payloads][The Live Engagement][Lightweight facebook-styled blog 1.3]

HTB Content
1

hey.i wanna use this exploit (Lightweight facebook-styled blog 1.3) from exploitdb and when i use this with metasploit it gives me this error(exploit failed no methoderror undefined method split for nilclass).i got stuck and searched a lot but found nothing.thanks for help

4 Likes
2

You are on the right path. Look closer at the Options

1 Like
3

i also comment this line

token = res.body.split('":"')[1].split('"')[0]

and use this line

token = res.to_s.scan(/"[abcdef0-9]{10}"}/)[0].to_s.tr('"}', '')

but it can not get CSRF token.i also added sleep but it doesnt work.and i could not find timeout syntax for this

res = send_request_cgi(
      'method'    => 'GET',
      'uri'       => normalize_uri(target_uri.path),
    )

can you help me bro please?

4

You don’t have to edit the payload, not needed. Review the payload Options in Metasploit.

2 Likes
5

Text me!
I will support you, I exploited it manually.

1 Like
6

oh my god.im idiot.thank you bro.love you

7

you’re welcome

1 Like
8

Definitely the options are key :wink:
I answered all questions now but the one that need to craft a specific payload for the previous host.

9

which question in live engagement you could not ask?

10

this question: Exploit the target and gain a shell session. Submit the name of the folder located in C:\Shares\ (Format: all lower case)

11

i remember it has 2 path for gain a shell.1 you can use the target with 8080 port and upload a (.war)file .another is you can use port 80 and upload a web shell.try it yourself and if you need more help i am here :slight_smile:

12

Yeap, first I tried uploading to the app on port 80, no luck. now I am trying via WAR file in port 8080. When I access the app after deploying the war, I got error from tomcat. still trying here…:slight_smile: That;s the only question I didn’t get…

13

on port 80 testing you should use burp
on port 8080 you should get help from this site
https://netsec.ws/?p=331
:slight_smile:

14

I got the answer using a shell in port 80 (no burp required) :slight_smile:
I wonder, how it would be via war file

15

cool.did you see the link i shared? :slight_smile:

16

Yes, I have it in my bookmarks. By the way, I managed to exploit in port 8080 as well \o/
:slight_smile:

17

your welcome :slight_smile:

18

Hi,
I have the same problem and get stuck. The metasploit framework gives me the following error (exploit failed no methoderror undefined method split for nilclass). I set the RHOST und RHOSTS to the Host-02 address (blog.inlanefreight.local) and used the username and password from the file. The listen Port is 4444. What am I doing wrong? Thanks for help

19

learn about VHOST

1 Like
20

Thanks :slight_smile: .

1 Like