Official Sau Discussion

Hi, anyone has a tip to reverse shell from the RCE. I don’t have success in it, tried so many things. No success in developing a ssh access too.

Don’t forget the encoding if your payload contains spaces, and make sure you place the payload correctly.

1 Like

use a command line shell in your payload and regarding the software is running on you know which one to use

I just found m******l and I feel like the dumbest person ever how long it took me, I kept spamming totally wrong targets :smiley:

1 Like

Rooted, the foothold made me confused. Thanks @5105, @tec, and @of0m for your hints.

same

@yelbirb @bartukilickaya
there are multiple steps you need to complete in order to get foothold

I know but I have 0 idea on what are those steps, rn im just messing with burpsuite trying to achieve smth based on my research but with no success. Any tips I am really stuck

:wink:

1 Like

Same, I’m sure its something stupid but i don’t get it :neutral_face:

People were talking about a PoC but as far as I am aware there isn’t one for this vuln

There is :slight_smile:

Once you found the initial vulnerability, do the most basic enumeration that can do with that type of vulnerability… that’ll lead you to the next step…

So I think I haven’t found the vulnerability, I though it was the S**F

you are on the right path

There doesn’t seem to be anything wrong with the request tho’

Any tips on exploiting the m******l, I found only one single POC.
Also any tips about the dorks you guys are talking about are appreciated.
Thanks!

Can I PM you?

bro where did you even find a PoC?

Enumerate the machine but also look around the website for any clues.
That will lead you on the right path. After that just google.