Shells & payloads - The live engagement - host #1

Hello everyone,

I’ve found my mistake, it’s okay now.

Please do you have a link to this?
For me there is no access to the manager page, I have been trying to use curl to upload

use terminal , use msfconsole , look at targets and based on the targets , select payload . default payload wont work

look at target and if its linux , u need to select the linux machine , if its windows, u need to select the windows . based on the target , select the payload .

you get the error why the payload does not work , change the payload based on the target selected

:ok_man: :ok_man: :ok_man: :ok_man: :ok_man: :ok_man: :ok_man: :ok_man: :ok_man: :ok_man: :ok_man: man you saved my day!

This might be stupid, but I cant find a browser on the foothold attack machine. I’ve been using curl this whole time trying to do a CSRF to deliver the .war payload but it seems like the attack vector would be to abuse the file upload system. The hint suggests using a browser in the foothold machine, am I missing something?

I also tried to browse to the Host 1 IP on my VM but it won’t connect.

Any help would be appreciated.

Use Burp suite browser