NIbbles

Please, Help me:

[!] This exploit may require manual cleanup of ‘image.php’ on the target

I have made a reset on the nibbles machine.
I do not know what to do, I hope they help me.

@minhhungvn said:
anyone is around for a quick private conversation?

Tell me.

@Xim said:

@Ju577Ry said:
i’am stuck here guys . i need help .

[] Started reverse TCP handler on (my IP):4444
[!] This exploit may require manual cleanup of ‘image.php’ on the target
[
] Exploit completed, but no session was created.
#msf exploit(nibbleblog_file_upload) >

Hi @Ju577Ry,

I’m stuck there. Any hint how you fix the problem?

Thanks! :slight_smile:

PM me , i will try to help u

@Ju577Ry said:

@Xim said:

@Ju577Ry said:
i’am stuck here guys . i need help .

[] Started reverse TCP handler on (my IP):4444
[!] This exploit may require manual cleanup of ‘image.php’ on the target
[
] Exploit completed, but no session was created.
#msf exploit(nibbleblog_file_upload) >

Hi @Ju577Ry,

I’m stuck there. Any hint how you fix the problem?

Thanks! :slight_smile:

PM me , i will try to help u

Thanks @Ju577Ry, It just worked after 15 attempts. :slight_smile:

@EdTato said:
Please, Help me:

[!] This exploit may require manual cleanup of ‘image.php’ on the target

I have made a reset on the nibbles machine.
I do not know what to do, I hope they help me.

Have same problem. Anyone available for help ?

its the monitor screen right?

@B1ackF1ag said:
its the monitor screen right?

@jc1396 said:
No matter which shell I try, I keep getting “This exploit may require manual cleanup of ‘image.php’ on the target”. Am I missing something here?

RESET

NEED HELP WITH ROOTING. got something with sudo -l

@B1ackF1ag said:
NEED HELP WITH ROOTING. got something with sudo -l

pm me what you got and what your thoughts are

@rmkreborn said:
Can anybody tell what can I do with monitor.sh? I tried my best

Sure!!DM me

@B1ackF1ag said:
NEED HELP WITH ROOTING. got something with sudo -l

DM me…

@rk2311 said:

@rmkreborn said:
Can anybody tell what can I do with monitor.sh? I tried my best
Sure!!DM me

Got root. Thanks for the reply

@rmkreborn said:

@rk2311 said:

@rmkreborn said:
Can anybody tell what can I do with monitor.sh? I tried my best
Sure!!DM me

Got root. Thanks for the reply

Welcome!!

hello everyone, how do i upload lineenum and execute it. m***r is not allowing to executing any shell command or python

I too am struggling with escalation, i used meterpreter to get the initial foothold. Was that the wrong way to go about it?

@ngup said:
hello everyone, how do i upload lineenum and execute it. m***r is not allowing to executing any shell command or python

It can run basic shell commands (cd, cp etc etc) but if you try using su or anything that sends a prompt it’ll fail. At least as far as I can tell. I haven’t gotten root yet so take my advice with a pinch of salt.

@SirFIS said:
I too am struggling with escalation, i used meterpreter to get the initial foothold. Was that the wrong way to go about it?

@ngup said:
hello everyone, how do i upload lineenum and execute it. m***r is not allowing to executing any shell command or python

It can run basic shell commands (cd, cp etc etc) but if you try using su or anything that sends a prompt it’ll fail. At least as far as I can tell. I haven’t gotten root yet so take my advice with a pinch of salt.

I got root (with some pointers) if anyone is stuck on privsec feel free to PM me and i’ll give you some good hints/point you in the correct direction :smiley:

i am stuck, i got a *****.txt wordlist, reading the thread ik that there is a login page…any hint how to get that login page…i guess ik the default creds…
help

@p5yph3r said:
i am stuck, i got a *****.txt wordlist, reading the thread ik that there is a login page…any hint how to get that login page…i guess ik the default creds…
help

do not look for log in page. look for other login method.

@w31rd0 said:

@p5yph3r said:
i am stuck, i got a *****.txt wordlist, reading the thread ik that there is a login page…any hint how to get that login page…i guess ik the default creds…
help

do not look for log in page. look for other login method.

can you please try to elaborate other login methods, without spoiling ?

got the login page…!!!