Official Breadcrumbs Discussion

Hello All
I try multiple rev Shell codes

I always have an error

DAEMONIZE: pcntl_fork() does not exists, moving on…
PROC_ERROR: Cannot start the shell

or something like that :neutral:

@D4rm1 said:

> Hello All
> I try multiple rev Shell codes
>
> I always have an error
>
> DAEMONIZE: pcntl_fork() does not exists, moving on…
> PROC_ERROR: Cannot start the shell
>
> or something like that :neutral:

Have you changed the IP:PORT in the revshell to match your listener IP:PORT? Have you started your listener? Are you sure that your IP is the correct one (maybe reconnected to the VPN and changed)?
Is the revshell that you are using OS specific? For what OS? There is one out there that is “universal”…

Is it me or is there a problem in getting stuff/files from and to the attack box? Is this part of the difficulty? I cannot seem to find a way to transfer or get files with any of the methods I know. Am I missing something?

Edit: Never mind! I figured it out and moved on (…not so keen with Windows boxes!)

@subtilis said:

Hello thanks for your answer

yes I changed the IP:Port

I tried something with nc.exe and cmde.exe (It works better with a Linux machine)
I got a reverse request that closed immediately :neutral:

OK I can’t have a reverse shell, but I used another method :wink:

I have managed to get the reverse shell through the file upload but enumerating gets me nowhere due to the AV (Windows Defender). I tried bypassing it but can’t figure that out so instead I found the 1234… I’ve tried using netsh but it requires admin… curl returns Bad Request and curl *1234*/test shows it’s an Apache PHP 8.0.1. Any ideas how I could tunnel this?

Finally rooted. Great box and it is just nothing but enumeration which is great to practice.

Foothold: Intercept, enumerate and reverse engineer. If it doesn’t work, understand what logout does - you may need a server reset.

User: Enumeration, don’t overthink it from previous Rabbit Holes with this one.

Root: She won’t get PROMOTED for this. Sqlite just about get sacked. IDA really appreciated if she could count 1 to 4.

Good luck, PM me if you need a push.

Finally rooted the machine.
Overall a great experience with a lot of “breadcrumbs” to follow.

PM me if you need a nudge :slight_smile: