@akasam said:
Did find a solution for this? “ImportError: No module named colorama?” or did just deleted this line as suggested?
If its needed, have you tried pip2 install or pip3 install as needed?
I am having trouble upgrading the shell! Can I have some tips on upgrading it? Thanks
rooted.
User: is pretty straight forward. Just some basic enum & you are going to find a way to get user implemented.
Root: need some !good! enum. Networking is a key part in this.
Feel free to pm me for nudges, just make sure you describe to me the steps you took, so that I can give you something useful!
I have a problem with the exploit, using python 2 I have this problem:
‘’‘import requests, sys, urllib, re
ImportError: No module named requests ‘’’
And using python3:
‘’’ print Style.BRIGHT+Fore.RED+"[!] “+Fore.RESET+“Could not connect to the webshell.”+Style.RESET_ALL
^
SyntaxError: Missing parentheses in call to ‘print’. Did you mean print(Style.BRIGHT+Fore.RED+”[!] "+Fore.RESET+“Could not connect to the webshell.”+Style.RESET_ALL)? ‘’’
can anyone tell me how to solve please?
@Brux said:
can anyone tell me how to solve please?
You can try using python3 or pip2 install requests
@TazWake said:
You can try using python3 or pip2 install requests
Requests module comes with default in Pentesting OS right?
@gunroot said:
@TazWake said:
You can try using python3 or pip2 install requests
Requests module comes with default in Pentesting OS right?
Not sure - I use Kali but its been so butchered I don’t know what comes by default and what doesnt.
This exploit worked in python2 for me. It wont work in python3 without quite a bit of modification (at the very least the print statements need to be modified)
ok i solved it, i had to install 2 packages for python that i was missing. Thanks
Type your comment> @TazWake said:
@CyberTron2019 said:
(Quote)
It largely depends on what isn’t working. If the exploit is failing to run, you might be using it incorrectly.If it does run but you think the shell isn’t working - that is because it isn’t a shell, its a fancy interface for command execution.
I found it much easier to use a browser to execute commands, you just need to read past the typos in the POC documentation.
Thanks this is my 4th day and still can’t get User , this is my 2nd box and still try to figure it out, any Nudge or help is appreciated, Thx
@CyberTron2019 said:
Thanks this is my 4th day and still can’t get User , this is my 2nd box and still try to figure it out, any Nudge or help is appreciated, Thx
I am not sure what I can add to what is already in this thread without it being a spoiler.
If you can explain what the problem is, I might be able to help.
At a high level - use the exploit correctly, ignore the fake shell and issue commands in the way the POC code suggests, but check for the mistakes vs what the code actually says.
anyways guys I got root.
Questions about p***.exe I ran the command I keep getting connection refused do I need to setup a listener and modify the p*** command?
I managed to use c****.exe / s**** for C****.exe that works
@TazWake said:
@CyberTron2019 said:Thanks this is my 4th day and still can’t get User , this is my 2nd box and still try to figure it out, any Nudge or help is appreciated, Thx
I am not sure what I can add to what is already in this thread without it being a spoiler.
If you can explain what the problem is, I might be able to help.
At a high level - use the exploit correctly, ignore the fake shell and issue commands in the way the POC code suggests, but check for the mistakes vs what the code actually says.
what have you done so far?
did you at least get a foot hold and see the directory ?
@SamoaJoe said:
anyways guys I got root.
Questions about p***.exe I ran the command I keep getting connection refused do I need to setup a listener and modify the p*** command?
The port is likely to be the issue:
Hey guys, I’m having issue with the root escalation, I found the factor, but whenever using p****.xe to frd, I keep getting timeouts, despite reading through forums, I cannot get anything to work… I can S** into my localhost, although, when using the service remotely, either via p* or S**, I can’t get a connection back on my server. Could anyone P.M me on this ?
Thank you!
I was able to get user very easily, but root is killing me with pXXXk. Can someone tell me if they’ve had issues with getting pXXXk to work? I cannot get this to work, I keep getting Connection Timeout when trying to connect. Did anyone do this box a different route for root? I have found a couple other CVE’s but none of those have worked for me either.
Type your comment> @Brux said:
ok i solved it, i had to install 2 packages for python that i was missing. Thanks
Can you share what packages? I am beating my head against Kali linux today…
2020.3 has been a ■■■■ show so far for me… I’ll likely be going back to 2019 until its more stable.
@enixium said:
I was able to get user very easily, but root is killing me with pXXXk. Can someone tell me if they’ve had issues with getting pXXXk to work? I cannot get this to work, I keep getting
Connection Timeoutwhen trying to connect. Did anyone do this box a different route for root? I have found a couple other CVE’s but none of those have worked for me either.
Have you read the previous messages about this? The standard configuration wont work.
Alright, not giving up, I am going to try more
Appreciate the help.
Type your comment> @TazWake said:
@CyberTron2019 said:
Thanks this is my 4th day and still can’t get User , this is my 2nd box and still try to figure it out, any Nudge or help is appreciated, Thx
I am not sure what I can add to what is already in this thread without it being a spoiler.
If you can explain what the problem is, I might be able to help.
At a high level - use the exploit correctly, ignore the fake shell and issue commands in the way the POC code suggests, but check for the mistakes vs what the code actually says.
@CyberTron2019 said:
Alright, not giving up, I am going to try more
Appreciate the help.
If you get super stuck, DMs might be more useful as posts with more detail will just get reported as spoilers.
Anyone know how to fix: ImportError: No module named requests?
When I try to install the requests module (via apt or pip or manually) I get a response that I already have it??? So I don’t have it but I have it?
I am using Kali 2020.3 with a fresh install and I have no idea why this is an issue, but its starting to make me consider going to Parrot or BlackArch.