Official Buff Discussion

Hi Guys,

I am a newbie here. I have a question to ask about the Buff machine. Below is the problem where I am stuck.

root@kali:~/Desktop/Buff# python exploit.py http://10.10.10.198:8080
Traceback (most recent call last):
  File "exploit.py", line 37, in
    import requests, sys, urllib, re
ImportError: No module named requests

@Style7076 said:

Hi Guys,

I am a newbie here. I have a question to ask about the Buff machine. Below is the problem where I am stuck.

root@kali:~/Desktop/Buff# python exploit.py http://10.10.10.198:8080
Traceback (most recent call last):
  File "exploit.py", line 37, in
    import requests, sys, urllib, re
ImportError: No module named requests

If so, you don’t have that python module in your machine. Google about it and know how to solve it. Pip will help you.

Hello!
Managed to get a foothold and got the user flag, but stuck trying to make my shell more interactive.
I’ve uploaded my own nc.exe binary onto the target but when I use it the new shell dies instantly.
Unless I’m wrong, I don’t think my foothold shell will get me admin privs. Any nudge would be appreciated!

@Wofulprawn said:

Hello!
Managed to get a foothold and got the user flag, but stuck trying to make my shell more interactive.
I’ve uploaded my own nc.exe binary onto the target but when I use it the new shell dies instantly.

Make sure the version you’ve uploaded is good (see previous discussions) and that you’ve uploaded it in a sensible way.

Unless I’m wrong, I don’t think my foothold shell will get me admin privs. Any nudge would be appreciated!

Yeah, you probably need a better shell.

@ishansaha007 said:

I tried using plink in Parrot OS but I see some fatal error about not agreeing on some key exchange. Am stuck here, can anyone help me on this?

I had the same issue. Download the newest version of plink.exe. The one provided on Parrot OS is outdated.

I found chisel works a lot better with way less hassle and setup. Am I the only one stuck with getting garbage from the edited python exploit for root? NOTHING seems to be working for me.

@sungod88 said:

I found chisel works a lot better with way less hassle and setup. Am I the only one stuck with getting garbage from the edited python exploit for root? NOTHING seems to be working for me.

Try a different exploit?

Having some trouble in progress to root. When I enter cp into the w##s##ll terminal… nothing happens. Would love some nudges.

Another newbie here. Based upon my search I found an exploit, and hopefully @Style7076 and @gunroot comments confirm it. But I’m running into a problem traceback with my fancy sword.

Traceback (most recent call last):
  File "*****.py", line 90, in <module>
    s.get(SERVER_URL, verify=False)
  File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 477, in get
    return self.request('GET', url, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 465, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 573, in send
    r = adapter.send(request, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/requests/adapters.py", line 415, in send
    raise ConnectionError(err, request=request)
requests.exceptions.ConnectionError: ('Connection aborted.', error(110, 'Connection timed out'))

Small nudge to get this fixed would be appreciated.

@Tumppi said:

Small nudge to get this fixed would be appreciated.

Can you check how you are invoking the exploit?

If you are just running FILENAME.py, then it doesn’t know where to go.

Are you running it as python FILENAME.py http://IPADDRESS/ or something else?

@TazWake said:

@Tumppi said:

Small nudge to get this fixed would be appreciated.

Can you check how you are invoking the exploit?

If you are just running FILENAME.py, then it doesn’t know where to go.

Are you running it as python FILENAME.py http://IPADDRESS/ or something else?

Been running it as sudo python2.7 *****.py http://10.10.10.198:8080
So I suppose it should be right

@Tumppi said:

Been running it as sudo python2.7 *****.py http://10.10.10.198:8080
So I suppose it should be right

Yeah - but the error is implying it can’t connect. Double check things like the OpenVPN tunnel is active, you can access it in a browser or via curl etc.

@TazWake said:

@Tumppi said:

Been running it as sudo python2.7 *****.py http://10.10.10.198:8080
So I suppose it should be right

Yeah - but the error is implying it can’t connect. Double check things like the OpenVPN tunnel is active, you can access it in a browser or via curl etc.

Can access site with no problems on browser and curl -vvI 10.10.10.198:8080 gets an answer.

@Tumppi said:

Can access site with no problems on browser and curl -vvI 10.10.10.198:8080 gets an answer.

Ok, then as a Hail Mary type attempt to try random things, look at:

sudo python2.7 *****.py http://10.10.10.198:8080/ to see if it has a different response and add a host name then try that, again, to see if there is a different response.

There are a lot of things which could be causing this, so the troubleshooting may need to be change something, try, change something try…

For example, are there any other messages than the traceback? Do you have the requests module installed etc.

@TazWake said:

@Tumppi said:

Can access site with no problems on browser and curl -vvI 10.10.10.198:8080 gets an answer.

Ok, then as a Hail Mary type attempt to try random things, look at:

sudo python2.7 *****.py http://10.10.10.198:8080/ to see if it has a different response and add a host name then try that, again, to see if there is a different response.

There are a lot of things which could be causing this, so the troubleshooting may need to be change something, try, change something try…

For example, are there any other messages than the traceback? Do you have the requests module installed etc.

Mystery has been solved, adding / after port and everything started to work as intended. Huge thanks for help. Time to continue and get some progress done.

@Tumppi said:

Mystery has been solved, adding / after port and everything started to work as intended. Huge thanks for help. Time to continue and get some progress done.

Great work :+1:

Having a little difficulty on root.

I have port forwarding working correctly, it seems. I have found an exploit, but when I run it, nothing happens. NC does not pick up the connection.

I have found 3 possible exploits, none of which will work. They all return the same result: nothing.

I have checked the payload/arch, and all seems to be right. I am not sure why this will not connect.

I hope this isn’t spoiling; I’m trying to be discreet. Is there anyone that can pm me for a small nudge on the final step? I have done 99% of the work, but this last 1% is driving me a little crazy.

@Nlytn said:

Having a little difficulty on root.

I have port forwarding working correctly, it seems. I have found an exploit, but when I run it, nothing happens. NC does not pick up the connection.

I have found 3 possible exploits, none of which will work. They all return the same result: nothing.

I have checked the payload/arch, and all seems to be right. I am not sure why this will not connect.

I hope this isn’t spoiling; I’m trying to be discreet. Is there anyone that can pm me for a small nudge on the final step? I have done 99% of the work, but this last 1% is driving me a little crazy.

This is a fairly regular question, some of the previous answers may include information which helps you. There isn’t a small nudge here though.

  1. Verify the tunnel is working. If you use p*, it should show some information which tells you it has worked.

  2. Verify you have the correct exploit. Spray and pray can work, but makes it hard to troubleshoot. The one I used was fairly simple and the Venom output as described on the exploit page didn’t need -f python.

  3. Make sure your shell code is sensible - remember it needs your IP and the port the listener is on, not the one you’ve tunnelled.

  4. If all else fails, remember there are other people launching an insane number of exploits against the service. Certainly, on the free boxes, this means it is going to fall over on a regular basis. It may need a reset but be sparing with this and only as a last resort because other people will also be trying to get their exploits to work.

Finally rooted. Nice machine. Thanks!

Anybody other than just me experiencing problems with “buff”? The hosted website doesn’t respond… I can ping it but the round trip time fluctuates like mad…