I’m wondering if I have to complete every section of a module in order to be able to officially complete that module.
I’ve reached a section I can’t complete. It’s not even supposed to be challenging. You’re just supposed to essentially copy and paste what the author did. But the author’s walkthrough doesn’t appear to work on the spawned box, and I can’t get anything working either. So I’m stuck and unable to finish a section.
Does this mean I can’t complete the module, and therefore my path, and therefore my cert?
What section is giving you trouble? If it is on the CBBH path or coincides with the material I might be able to help.
And I believe you have to 100% every module before the test will open for you.
-onthesauce
It’s just the Blind SSRF Exploitation Example section of Server Side Attacks. (My post asking for help is here.) I’m just trying to duplicate the commands that are in the section. As best I can tell, all I should really have to do is change the IP address to match my own.
I can’t complete the part where I send an HTML file that should trigger a GET request to my machine with the contents of /etc/passwd (base64 encoded). I never get the GET request back to me, and my POST of the HTML file never completes (no response from the server).
And I get similar results on the next part of that section which is uploading a reverse shell. When I send the example code, updated with my IP address, I get no connection to my netcat listener, and my POST of the exploit code never gives a response.
The reverse shell is particularly interesting because I know my injected command is running, and I know my encoding is correct. Because if I send a command like echo "Hello, world!"; sleep 10;, the POST takes 10 seconds to complete. So it’s clearly correctly decoding and executing my shell command. But I’ve tried 10+ different reverse shells, including the one from the example, and nothing ever hits my netcat listener.
Everything I’ve tried suggests the target machine either can’t route back to me, or has some sort of firewall in place. Keep in mind this isn’t a skill assessment. It’s just duplicating what was done in the section. The commands / exploit code listed in the section should be working for me unchanged (except for the IP address), but it’s not.
I sent you a DM with some ideas. That section was kinda crazy.
-onthesauce
1 Like